Microsoft “Fuzzing key is behind Office security success”
A wave of attacks targeting Microsoft Corp.'s Office 2003 last year taught the company some tough security lessons it's now aggressively applying, a Microsoft software engineer said today.
"When Office 2003 shipped, we thought we'd done some good work and that it would be a secure product," said David LeBlanc, a senior software development engineer with the Office team. "For the first two years after release, it held up really well, only two bulletins. [But] then people shifted their tactics and started finding problems in fairly large numbers."
LeBlanc, one of the proponents of Microsoft's Security Development Lifecycle (SDL) initiative, and Michael Howard, the co-author of Writing Secure Code for Vista, referred to the spate of attacks in 2006 that exploited numerous vulnerabilities in Office 2003's file formats. The suite's core applications -- Word, Excel and PowerPoint -- were all patched multiple times last year.
Microsoft, Microsoft Office, Office 2003, Fuzzing, SDL, Microsoft Security
No comment yet
-
Pingback from 1idiot » Microsoft “Fuzzing key is behind Office security success” says:December 10th, 2007 at 12:30 am
[...] Check it out! While looking through the blogosphere we stumbled on an interesting post today.Here’s a quick excerpts Office 2003 last year taught the company some tough security lessons it’s now aggressively applying, a Microsoft software engineer said today. “When Office 2003 shipped, we thought we’d done some good work and that it would be a … [...]
-
Pingback from 2Microsoft “Fuzzing key is behind Office security success” | MS Office Security Watch says:October 27th, 2007 at 11:03 am
[...] is the original: Microsoft â??Fuzzing key is behind Office security successâ?? blogging entertainment fashion hardware internet key news security software success technology tips [...]
Leave a Response
