An important update to the Microsoft Web Protection Library (AntiXSS Library v4.2.1) is available at
http://wpl.codeplex.com/releases/view/80289The reason for the update is as follows:
"This release addresses a vulnerability in the HTML Sanitizer, MS12-007
http://technet.microsoft.com/en-us/security/bulletin/ms12-007 and adds full support for .NET 4.0 as well as restoring support for .NET 2.0.
The
sanitizer has been changed to remove all CSS it encounters, this new
behaviour means that if you were keeping CSS formatting from HTML that
is no longer going to be the case."
I endorse the support team's comment "
It is highly recommended you apply this new version as soon as possible."