|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: InfoSec News (alerts
infosecnews.org)
Date: Tue Jan 06 2009 - 00:32:01 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=331750
By Gregg Keizer
January 5, 2009
Computerworld
Microsoft Corp. developers overlooked a critical bug in the Internet
Explorer browser because of a lack of adequate testing tools and
training, a company official acknowledged last month.
The flaw, which Microsoft patched last week with an emergency update,
had gone undetected for at least nine years.
Michael Howard, a principal security program manager who has been a
proponent of the company's secure code-development process, said that
Microsoft programmers had not been taught to look for the type of
vulnerability that hit the data-binding function of IE.
[...]
_______________________________________________
Please help InfoSecNews.org with a donation!
http://www.infosecnews.org/donate.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]