First denial, then anger, then DDoS, then patching.
A tool that's popular with Microsoft's in-house developers, the RadEditor HTML editor, contains a dangerous cross-site scripting (XSS) vulnerability, researcher GS McNamara says. The editor was developed by Telerik and used in trusted in-house code in many big enterprises and across Redmond products including MSDN, CodePlex, TechNet, MCMS and as an alternative for SharePoint. McNamara of CGI Federal said the flaw (CVE-2014-4958) was dangerous leading to typical XSS impacts including potential th...