TechNet
Products
IT Resources
Downloads
Training
Support
Products
Windows
Windows Server
System Center
Internet Explorer
Office
Office 365
Exchange Server
SQL Server
SharePoint Products
Lync
See all products »
Resources
Curah! curation service
Evaluation Center
Learning Resources
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Script Center
Server and Tools Blogs
TechNet Blogs
TechNet Flash Newsletter
TechNet Gallery
TechNet Library
TechNet Magazine
TechNet Subscriptions
TechNet Video
TechNet Wiki
Windows Sysinternals
Virtual Labs
Solutions
Networking
Cloud and Datacenter
Security
Virtualization
Updates
Service Packs
Security Bulletins
Microsoft Update
Trials
Windows Server 2012 R2
System Center 2012 R2
Microsoft SQL Server 2012 SP1
Windows 8.1 Enterprise
See all trials »
Related Sites
Microsoft Download Center
TechNet Evaluation Center
Drivers
Compatability & Converters
Windows Sysinternals
TechNet Gallery
Training
Training Catalog
Class Locator
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
e-Learning overview
Certifications
Certification overview
MCSA: Windows 8
Windows Server Certification (MCSE)
Private Cloud Certification (MCSE)
SQL Server Certification (MCSE)
Other resources
TechNet Events
Second shot for certification
Born To Learn blog
Find technical communities in your area
Support by product
Exchange Server
Forefront Server
Forefront Edge Security
Forefront Server Security
Internet Explorer
Office
SharePoint
SQL Server
System Center
Windows Server
Windows XP
Windows Vista
Windows 7
Windows 8
Other support links
Microsoft Premier Online
Microsoft Fix It Center
TechNet Forums
MSDN Forums
Security Bulletins & Advisories
International support solutions
Log a support ticket
Look up event IDs and error codes
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
Sign in
台灣微軟資安部落格
這個部落格提供微軟資安相關訊息,研究報告與微軟資安解決方案的相關新聞,歡迎透過RSS追蹤本部落格最新訊息。
Options
Email Blog Author
RSS for posts
Atom
RSS for comments
OK
Search Blogs
Tags
ATL
COM
Cross-site scripting
DDOS
Forefront
IIS
Microsoft Security Essentials
Security
Security Development Lifecycle
Security vulnerability alert
Share Point
SQL Server
Virus Bulletin
Waledac
XSS攻擊
偽造攻擊
分散式阻斷服務攻擊
小常識
殭屍網路
流氓軟體
資安小常識
資訊安全公告
跨網站指令碼攻擊
防毒
防毒軟體
Archive
Archives
December 2013
(1)
November 2013
(1)
October 2013
(2)
September 2013
(1)
August 2013
(1)
July 2013
(7)
June 2013
(1)
May 2013
(1)
April 2013
(1)
February 2013
(1)
January 2013
(1)
December 2012
(1)
November 2012
(1)
October 2012
(1)
September 2012
(1)
August 2012
(1)
July 2012
(1)
June 2012
(1)
May 2012
(1)
April 2012
(1)
March 2012
(1)
February 2012
(1)
January 2012
(1)
December 2011
(1)
November 2011
(1)
October 2011
(2)
September 2011
(1)
August 2011
(1)
July 2011
(2)
June 2011
(1)
May 2011
(1)
April 2011
(1)
March 2011
(1)
February 2011
(1)
January 2011
(1)
December 2010
(1)
November 2010
(1)
October 2010
(1)
September 2010
(1)
August 2010
(2)
July 2010
(1)
June 2010
(2)
May 2010
(2)
April 2010
(2)
March 2010
(2)
February 2010
(2)
January 2010
(1)
December 2009
(2)
November 2009
(2)
October 2009
(2)
September 2009
(2)
August 2009
(4)
July 2009
(8)
June 2009
(1)
Blog - Link List
資訊安全相關連結
TechNet 資訊安全中心
微軟資訊安全首頁
最新與熱門Top 50資訊安全知識
資安小常識
相關連結
September, 2009
TechNet Blogs
»
台灣微軟資安部落格
»
September, 2009
Sort by:
Most Recent
|
Most Views
|
Most Comments
Excerpt View
|
Full Post View
[資安小常識] 什麼是跨網站指令碼XSS攻擊?
Posted
over 4 years ago
by
TechNet 老妹
跨網站指令碼 XSS (Cross-site scripting) 攻擊,是一種針對網站應用程式設計不夠嚴謹所導致的安全弱點攻擊行為;最原始的弱點是允許攻擊者將惡意程序植入網頁中,導致使用者瀏覽網頁時,受到不同程度的影響,如在背景中下載惡意程序,後門開啟或是密碼與個人資料之竊取。 近期新聞事件中常見之 XSS 攻擊,雖然是針對同樣的弱點進行攻擊,但採用了不同的運作方式;其原理是讓使用者存取經過特殊設計的網址(該網站本身具有 XSS 弱點);使用者存取時瀏覽器中除了原先正常網站的頁面會出現之外...
[安全性公告] 2009年09月資訊安全公告
Posted
over 4 years ago
by
TechNet 老妹
台灣微軟今天發佈了九月份的資訊安全公告,本次有五個重大等級的更新 ,解決最近發現的安全性風險 。 大家可以透過 Windows Update 自動更新這些更新程式,也可以透過 Microsoft 下載中心 或下方公告內容手動下載。 新資訊安全公告 Microsoft 發行下列五個新安全性公告,解決最近發現的安全性風險: 公告編號 公告標題 最高嚴重性等級 安全性風險的影響 重新開機需求 ...