Buffer Overflows Reported As Top Threat

Web application vulnerabilities such as cross-site scripting (XSS) and SQL injection may be widespread, but old-fashioned buffer overflow bugs are the most common flaws reported, according to new vulnerability research from Telus. And in case you were wondering, Microsoft's aggressive initiative to shore up its product security appears to be paying off -- the level […]

Web application vulnerabilities such as cross-site scripting (XSS) and SQL injection may be widespread, but old-fashioned buffer overflow bugs are the most common flaws reported, according to new vulnerability research from Telus.

And in case you were wondering, Microsoft's aggressive initiative to shore up its product security appears to be paying off -- the level of severity of bugs in the software giant's products is declining significantly, according to a security research arm of telecommunications firm Telus.

Telus, which provides vulnerability research analysis to most of the 20 top security vendors -- including IBM ISS and McAfee -- bases its data on vulnerabilities reported in enterprise-class products. The company historically hasn't released that data to the public, but last week it discussed some of the findings at the SecTor security conference in Toronto.

Full Article

Vulnerability, Exploit