August 27, 2008 1:47 PM PDT
IE 8 contains a cross-site scripting filter, a security feature that is unique among Internet browsers. Cross-site scripting allows an attacker to execute script on a user's browser without them knowing. When the IE 8 filter finds a Web page with a cross-site scripting request, it changes the content on the page and displays with an end-user notice. Users are not presented with an option; IE simply blocks the malicious script from executing and displays the rest of the page, allowing the end-user to view pages even if they have been compromised.
Photo by Microsoft
Caption by Robert Vamosi
