Microsoft: High Vulnerability Count is Sign of Success

Author: Ryan Naraine

November 2, 2009 6:04 pm

Microsoft Corp. pours more money into software security than any other
major vendor both because it has to and because it can. Yet for all the
investments in security, the number of vulnerabilities discovered in
the company’s products has increased over the years, prompting
questions over whether the company has reached the limits of its
ability to debug software.

Microsoft Corp. pours more money into software security than any other
major vendor both because it has to and because it can. Yet for all the
investments in security, the number of vulnerabilities discovered in
the company’s products has increased over the years, prompting
questions over whether the company has reached the limits of its
ability to debug software.

However, in this interview with Computerworld, Microsoft senior director of security engineering Steve Lipner makes the argument that the high flaw count means that the company’s Security Development Lifecycle (SDL) approach is working
as it was meant to and is a sign of success at Redmond. Read the full interview [infoworld.com]

Suggested articles

Babuk Locker Ransomware attack

New Year, New Ransomware: Babuk Locker Targets Large Corporations

Despite being a mostly run-of-the-mill ransomware strain, Babuk Locker’s encryption mechanisms and abuse of Windows Restart Manager sets it apart.

telegram user location

Telegram Triangulation Pinpoints Users’ Exact Locations

The “People Nearby” feature in the secure messaging app can be abused to unmask a user’s precise location, a researcher said.

biggest headlines 2020

The 5 Most-Wanted Threatpost Stories of 2020

A look back at what was hot with readers — offering a snapshot of the security stories that were most top-of-mind for security professionals and consumers throughout the year.