I’ve discovered new XSS vulnerabilities in PSCS VPOP3 Enterprise Email server, exactly on Web Mail interface. Vulnerability version is 2.6.0j. Vendor is informed but isn’t published fix for this vulnerabilities yet, so for solution use a proxy or IPS to filter malicious characters. Secunia confirmed and published this vulnerability.

This years Pwn2Own uncover 4 new never seen before critical vulnerabilities affecting the IE8, Safari and FireFox. More about this contest you can read at DVLabs Blog.

Guys from the SRI International were made really good analysis on the currently most active Virus/Worm, Conficker, also known as Downup, Downadup and Kido. Analysis can be found at http://mtc.sri.com/Conficker/.

… and now I am very proud of myself because my name is the second time in a row appear on this page Security Researcher Acknowledgments for Microsoft Online Services. Hope to see you soon again!