Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Windows 7 vulnerabilities highlight need for code auditing

Fortify : 06 November, 2009  (Technical Article)
Fortify is unsurprised by recent report that Windows 7 is highly vulnerable to viruses and is an example of a clear code auditing regime for software developers
A blog report from Sophos that Windows 7, the newly-released Microsoft operating system, is vulnerable to 80 per cent of viruses comes as no surprise says Fortify, the application vulnerability specialist.

'Chester Wisniewski's observations that, on a clean machine, Win7 became infected with eight out of the ten viruses tested sounds bad, but, in our opinion, this is indicative of the sheer volume of code that goes into operating systems today,' said Richard Kirk, Fortify's European director.

'When you factor in the issue that there are often more than a million lines of code in a typical Windows application, you begin to understand the scale of the problem for software developers,' he added.

According to Kirk, the only piece of good news to come out of the Win7 vulnerability reports is that two of the eight pieces of malware loaded in the tests did not run correctly under the new operating system.

And, he went on to say, since there are a range of free-to-use anti-malware applications - as well as a plethora of low-cost pay-for IT security suites available - the problem is not a major one for most Win7 users.

When you realise that most new machines come bundled with some form of IT security software, it's not such a big deal, Mr Kirk explained.

'The volume of code-auditing and checking that is required for a modern operating system and its applications software is a big deal, however, and one that companies using customised or in-house-developed applications should be aware of,' he said.

'This is one of the reasons our company was founded and, as our growing base of clients have discovered,addressing security issues throughout the software development process can save a lot of grief further down the line,' he added.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo