A recent update of VMWare ESX server contains many fixes, but a few of them are critical to the security of the application. Now should be the time to look in to updating VMWare on you computers.

A new XSS testing tool has been released. XSS testing tools are nothing new, however this is the first dedicated solely to testing XSS in webmail applications. Written in perl, it tests XSS in mail messages sent to an account you specify. It’s called Excess, and can be found at http://www.scanit.be/excess.html

Also, striking similarities between the Quicktime bug found in 2002 and the recent RTSP bug have been noticed. CVE 2002-0252 and 2007-6166 are very much alike each other. Has Apple reintroduced the same bug from 2002?