diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)

Sep222007

Microsoft “Fuzzing key is behind Office security success”

A wave of attacks targeting Microsoft Corp.’s Office 2003 last year taught the company some tough security lessons it’s now aggressively applying, a Microsoft software engineer said today.

“When Office 2003 shipped, we thought we’d done some good work and that it would be a secure product,” said David LeBlanc, a senior software development engineer with the Office team. “For the first two years after release, it held up really well, only two bulletins. [But] then people shifted their tactics and started finding problems in fairly large numbers.”

LeBlanc, one of the proponents of Microsoft’s Security Development Lifecycle (SDL) initiative, and Michael Howard, the co-author of Writing Secure Code for Vista, referred to the spate of attacks in 2006 that exploited numerous vulnerabilities in Office 2003’s file formats. The suite’s core applications — Word, Excel and PowerPoint — were all patched multiple times last year.

Full Article

Microsoft, Microsoft Office, Office 2003, Fuzzing, SDL, Microsoft Security

Share This Story, Choose Your Platform!

Do NOT follow this link or you will be banned from the site!