To fix software flaws, Microsoft invites attack

Monday, 29 September 2003, 9:13 AM EST

Microsoft's Security Response Center is the computing equivalent of a hospital emergency ward. When a problem comes in the door the center's director, Kevin Kean, and his staff must swiftly make an assessment: Is the security weakness detected in a Microsoft software product only minor? Or is it possibly so serious that, if exploited by a vandal's malicious code (as happened last month with the Blaster worm) it might crash computers and networks around the world?

If the threat appears grave, the problem goes immediately into the center's emergency operating room, where it is attended to by a team of Microsoft engineers, working nearly round-the-clock to analyze the flawed code, anticipate paths of attack, devise a software patch to fix the defect and alert millions of customers of the problem and the patch.

"It's triage and emergency response so it's a lot like an E.R. ward in that sense," Mr. Kean observed last week.

[ Read more ]




Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //