Microsoft changes to ward off .ANI-type flaws
How did the super-critical animated cursor (.ani) vulnerability get past all the strict code review, fuzz testing and other defense-in-depth mitigations built into Windows Vista?
Michael Howard has the answer and he's sharing it with us in a candid explanation from Microsoft on the lessons learned from the recent zero-day attacks and some planned changes to fix some warts in the SDL (Security Development Lifecycle).
Read the article HERE.
Michael Howard has the answer and he's sharing it with us in a candid explanation from Microsoft on the lessons learned from the recent zero-day attacks and some planned changes to fix some warts in the SDL (Security Development Lifecycle).
Read the article HERE.
posted by vanish at 9:36 AM
0 Comments:
Post a Comment
<< Home