Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Code audit advice for new XP-based software

Fortify : 25 May, 2009  (Technical Article)
New applications to run under Windows XP will require stringent code auditing as Microsoft reduces support levels for the most popular version of its operating system
Fortify Software is advising anyone working on customised or new applications running under Windows XP to beef up their code auditing procedures.

The advice comes as Microsoft has moved its support programme for Windows XP into extended support mode, meaning that the software giant is stepping its support for the still-popular operating system down a notch or two,

'Extended support for Windows XP will continue until April 2014, but this month's support move means that smaller firms will find it more difficult to get telephone support for Windows XP,' said Barmak Meftah Senior Vice President Products & Technologies for Fortify.

'Microsoft has said it will continue to patch the operating system in response to code vulnerabilities as they are discovered, as well as issue hot fixes as and when required,' he added.

According to Meftah, as well as continuing to security code audit any new and updated Windows XP applications, companies should also review their patching procedures, and ensure that security testing forms an integral part of their software development processes.

Because Microsoft is continuing to issue hot fixes for Windows XP, he explained, this means that some of the kernel code for the operating system could be changed in the future, so it is important that any company using customised or new XP-driven software is aware of the heightened need for auditing their program code.

And whilst major companies can still obtain customised support for Windows XP for Microsoft - at a premium charge - this type of support is not normally open to smaller companies.

This means such companies may have to turn to third-party firms for Windows XP support, where previously they used Microsoft support on a pay-as-you-go or subscription basis.

'This all adds an extra layer of risk to the integrity of the program coding process and companies need to be aware of this. Adding code auditing to the software development lifecycle can be a lower-cost option than using premium support services,' he added.

'And companies should also be aware that a multi-layered approach to IT security can also reduce any risks, but code auditing definitely now needs to be higher up the IT security agenda,' he added.

Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo