backtop


Print 15 comment(s) - last by .. on Aug 22 at 12:41 PM

Microsoft says most vulnerabilities are in software stack not OS

Microsoft produces the world's most popular operating system: Windows. The big problem with being the most popular OS is that there are a hoard of vulnerabilities in software and the OS that malicious users attack to gain control of a user's computer or perform other nefarious deeds.

Microsoft was at the Black Hat conference in Las Vegas this week to provide information on the progress of some of the security initiatives that it launched last summer. The software giant was also on hand to launch new security tools and offer information to support efforts to improve security.

Microsoft's Mike Reavey said, "There's a race between attackers and defenders and if we want to win, we have to share information."

Among the software tools, that Microsoft was unveiling at the show is an application called the Microsoft Office Visualization Tool, which is designed to provide a visual representation of the Office binary file. MS says that the software is intended to make it easier for programmers to understand how attacks target Office filed. Microsoft reports that most attacks target software rather than the operating system itself. In the second half of 2008, almost half of the attacks were targeting the application stack rather than the OS.

Among the other projects, Microsoft announced at the Black Hat Conference was Project Quant. Project Quant is an online information resource to provide enterprise users with a framework to estimate the cost of patch management resources for the software and OS' they have in use. Microsoft is also publishing a report at the conference called Microsoft Security Update Guide that explains the entire security update process.

The software giant is also publishing another report called Microsoft Active Protections Program (MAPP), which supplies vulnerability information to security partners prior to the release of new security patches. Two other components discussed in the report are the Microsoft Exploitability Index and the Microsoft Vulnerability Research. Microsoft didn't mention anything at the conference about the fate of its beta consumer anti-virus software.





Comments     Threshold


This article is over a month old, voting and posting comments is disabled

just a typo
By CvP on 7/27/2009 1:48:29 PM , Rating: 2
MS says that the software is intended to make it easier for programmers to understand how attacks target Office filed .




Hmmm...
By sprockkets on 7/27/2009 4:08:30 PM , Rating: 2
Now that the OS is hard to hit, now it is time to go after people like Adobe with Flash.

Btw, "MS says that the software is intended to make it easier for programmers to understand how attacks target Office filed."

Hey, if you typed it up, I can understand that the d and s are close together.




the irony again?
By dare2savefreedom on 7/27/09, Rating: 0
RE: the irony again?
By dare2savefreedom on 7/27/09, Rating: -1
RE: the irony again?
By chick0n on 7/28/2009 12:50:22 AM , Rating: 3
so who should talk Security? Apple and its "oh its garbage" Mac OS? oh wait, they didnt even create the Kernel themselves ? ROFL

Microsoft is the biggest so it will always be the first target, get it dumbass ?


By on 8/22/2009 12:41:06 PM , Rating: 2
quote:
http://www.bbcloth.com
http://www.bbcloth.com

(air jordan, air max, shox tn, rift, puma, dunk sb, adidas) nike jordan shoes 1-24 $32
lv, coach, chane bag $35
COOGI(jeans, tshirts, hoody, jacket) $30
christian audigier(jeans, tshirts, hoody) $13
edhardy(shoes, tshirts, jeans, caps, watche, handbag) $25
Armani(jeans, tshirts,) $24
AF(jeans, coat, hoody, sweater, tshirts)Abercrombie & Fitch $31

quote:
http://www.bbcloth.com
http://www.bbcloth.com




By on 8/22/2009 12:41:11 PM , Rating: 2
quote:
http://www.bbcloth.com
http://www.bbcloth.com

(air jordan, air max, shox tn, rift, puma, dunk sb, adidas) nike jordan shoes 1-24 $32
lv, coach, chane bag $35
COOGI(jeans, tshirts, hoody, jacket) $30
christian audigier(jeans, tshirts, hoody) $13
edhardy(shoes, tshirts, jeans, caps, watche, handbag) $25
Armani(jeans, tshirts,) $24
AF(jeans, coat, hoody, sweater, tshirts)Abercrombie & Fitch $31

quote:
http://www.bbcloth.com
http://www.bbcloth.com




chirp chirp
By dare2savefreedom on 7/27/09, Rating: -1
RE: chirp chirp
By CSMR on 7/27/2009 2:35:04 PM , Rating: 2
RE: chirp chirp
By dare2savefreedom on 7/27/2009 9:31:01 PM , Rating: 2
wow - too bad you didnt read:

Microsoft Office 2010 will be the first version to implement the ISO/IEC 29500:2008 compliant version of Office Open XML

so give us the file format spec for what you are shipping office 2007?


RE: chirp chirp
By King of Heroes on 7/27/09, Rating: 0
RE: chirp chirp
By InternetGeek on 7/27/2009 4:53:29 PM , Rating: 2
They use Open XML. Don't believe me?

Take .DOC, change the extension to .ZIP, unzip. Have fun.


RE: chirp chirp
By dare2savefreedom on 7/27/2009 9:32:43 PM , Rating: 2
I did take a .doc from office 2007 and guess what it don't unzip.
thanks forest.


RE: chirp chirp
By XtremeM3 on 7/28/2009 2:27:36 AM , Rating: 2
Well then apparently you cannot follow instructions. Because it does work.


RE: chirp chirp
By noirsoft on 7/28/2009 4:51:51 AM , Rating: 5
Both sides are wrong.

You need to use a .docx file (not .doc) .doc is the 2003 and prior file format.


"DailyTech is the best kept secret on the Internet." -- Larry Barber
Related Articles













botimage
Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki