McAfee opens mouth, inserts foot. Again. So does anarchic-teapot.
"Despite the proliferation of XSS attacks, McAfee's ScanAlert, which provides daily audits of ecommerce websites to certify them "Hacker Safe" gives clients the thumbs up even when XSS vulnerabilities are discovered on their pages."
John McAfee continues his tradition of after-the-fact security for at least twelve years. You have him to thank for convincing the media, and therefore the public, to use reactive anti-virus technology.
"Many thanks to Microsoft, who started the whole HTML-email crap, and persisted despite numerous warnings of security risks."
Mister Teapot, in the process of calling the kettle black, you forgot that you have Netscape Communications to blame for this one.
I'd have taken the older scourge of winmail.dat attachments over HTML e-mail, brought to you by Netscape.