Don Parker Blog RSS

All Blogs  »  Don Parker Blog  »  Security Central  »  Blog article: Microsoft Windows exploits

Microsoft Windows exploits

Well it would seem that most exploit developers have taken aim at the Microsoft Windows Office suite of applications for bug hunting. They have indeed found a rich harvest. It is actually a pleasant surprise that so far IIS 6 has not fallen to remote code execution, or at least not publicly anyways. There have been some rumors gathering as of late over just that, but I have not heard anything concrete, and certainly not seen any POC. I will be most curious to see when and if IIS 6 does fall to RCE. Either way, Microsoft still has a long ways to go before secure coding takes a front-seat in their coding life-cycle. Much like they did with IIS 6, perhaps they should always hire high priced talent such as Dave Aitel, HD Moore, Mike Sues, or other such talent to vet their code trees. Would likely save them a lot of embarassment.

Technorati Tags: , , , , ,

This entry was posted on Tuesday, November 21st, 2006 at 6:22 pm and is filed under Security Central. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

This is a captcha-picture. It is used to prevent mass-access by robots. (see: www.captcha.net)

You must read and type the 5 chars within 0..9 and A..F, and submit the form.

  

If CAPTCHA image is missing or you cannot read the characters above, please generate a




Receive all the latest articles by email!

Receive Real-Time & Monthly WindowSecurity.com article updates in your mailbox. Enter your email below!
Click for Real-Time sample & Monthly sample

Become a WindowSecurity.com member!

Discuss your security issues with thousands of other network security experts. Click here to join!

Community Area

Log in | Register

Solution Center