http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=331750 By Gregg Keizer January 5, 2009 Computerworld Microsoft Corp. developers overlooked a critical bug in the Internet Explorer browser because of a lack of adequate testing tools and training, a company official acknowledged last month. The flaw, which Microsoft patched last week with an emergency update, had gone undetected for at least nine years. Michael Howard, a principal security program manager who has been a proponent of the company's secure code-development process, said that Microsoft programmers had not been taught to look for the type of vulnerability that hit the data-binding function of IE. [...] _______________________________________________ Please help InfoSecNews.org with a donation! http://www.infosecnews.org/donate.htmlReceived on Mon Jan 05 2009 - 22:32:01 PST
This archive was generated by hypermail 2.2.0 : Mon Jan 05 2009 - 22:38:30 PST