Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

ActiveX vulnerability illustrates difficulty in fixing flaws

Fortify : 11 July, 2008  (Technical Article)
Continual discovery and rectification of flaws in applications illustrates the need for pro-active protection against IT threats
Fortify Software says a set of ActiveX security bugs reported this week prove the firm's observations that security flaws are likely with almost any piece of applications software.

'This latest ActiveX flaw centres on the Snapshot Viewer ActiveX control, which is a feature of most versions of Microsoft Office Access,' said Rob Rachwald, Fortify's director of product marketing.

'Microsoft is tackling the problem, which seeks to lure Access users to a modified Web page that then attempts to execute the attack code within Internet Explorer, but I think that Microsoft is doing its best to solve the flaw in a timely and effective manner,' he added.

According to Rachwald, it is interesting to note that Adam Shostack, one of Microsoft's IT security gurus, has commented recently on the difficulty of going back and fixing code that was never designed with a software development life-cycle.

Although Microsoft is doing a really good job of finding and fixing issues since it has placed a new emphasis on security, it's still a difficult task to find all bugs,' he explained.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo