Microsoft Security Patch Said Ineffective

A Microsoft Corp. MSFT.O program designed to plug a common security hole is vulnerable to the very attack it was designed to prevent, the Wall Street Journal alleged in a report on Thursday, citing a prominent security consulting firm.

Last month Microsoft Chairman Bill Gates announced a company-wide initiative to improve the security features of its products.

Microsoft on Wednesday unveiled a collection of programming tools, including a new version of a special-purpose program that it modified to try to prevent a common hacker attack called buffer overflows, the Journal said.

Researchers at Cigital, of Dulles, Va., found that Microsoft apparently adopted a technique that has been used with the Linux operating system and shown to be vulnerable to attack, the Journal said.

As a result, the program, called Visual C++.NET, could lead programmers to write even more programs that are vulnerable to buffer-overflow attacks, the Journal alleged.

Microsoft was not immediately available to comment.

News source: Reuters

Report a problem with article
Next Article

BootXP 1.50 RC1

Previous Article

Hello to my fellow Neowinians