Several people have asked me when the next version of the Microsoft Anti-Cross Site Scripting (XSS) Library (version 1.5) would be released. There were some delays, and so it should be around the end of June, no guarantees though -- by the way, thanks for all the patience so far!
Since the original release of version 1.0 found at this link I've received lots of great feedback and numerous requests for this coming version. I tried to get everyone's requests into the new implementation, but in any case here's a couple things that you can expect to see in version 1.5:
A Clearer End User License Agreement (EULA):
Significant Performance Improvements: Thank Lucius Fleuchaus when you can, he's another Microsoft employee!
Thank Lucius Fleuchaus when you can, he's another Microsoft employee!
And much more ... I've also got a couple more interesting tools coming so it should definitely be an interesting 2006. Keep an eye on the the official Application Consulting & Engineering (ACE) team blog at http://blogs.msdn.com/ace_team/default.aspx
for the official release announcement of these tools and many others.
By the way, if you're interested in learning more about XSS attacks, check out these links:
Open Web Application Security Project (OWASP)
Kevin Lam, CISSP
Senior Security Technologist
Microsoft Application Consulting & Engineering (ACE) Team