More Security Holes: Besides the latest security holes with windows, I've added a security hole on Microsoft.com to my list of stupid webmaster security holes page here. That page has sites that still have not fixed a problem dubbed XSS (Cross Site Scripting) made public by CERT over 4 years ago! Someone has also gone through the trouble of creating a website devoted to these types of problems at www.crosszone.org/crosszone/. Report you own discoveries, they are rather easy to find.