Barney's Blog

Blog archive

Microsoft Not the Only Technology with Holes

Critics love to beat up on Microsoft for its security. But in its defense, Redmond is clearly the biggest and most fun hacker target. It also has a ton of products. So it makes sense that holes will be found and attacks mounted.

Microsoft, at least once a month, discloses (and closes) these holes in a very public way. Meanwhile, the Web has no Patch Tuesday, and consequently its holes can stay open for a long, long time.

In fact, according to security concern Cenzic, some 70 percent of the Web apps it looked at lacked secure communications. Two-thirds of these apps were deemed "easily exploitable." In many cases, there's no system in place or real plan to improve Web security and plug holes. The two biggest vulnerabilities, Cenzic reported, are SQL injections and cross-site scripting.

Posted by Doug Barney on 05/14/2008 at 1:15 PM


Featured

  • Getting a Handle on Hyper-V Virtual NICs

    Hyper-V usually makes it easy to configure virtual network adapters within VMs. That is, until you need to create a VM containing multiple virtual NICs.

  • Microsoft Highlights Emerging Kubernetes Scalability and Governance Efforts

    Microsoft this week highlighted some emerging efforts to improve both the scalability and governance of the open source Kubernetes container orchestration service.

  • Microsoft Ending Azure Container Service Support in 2020

    Microsoft gave notice earlier this month that it will be ending its Azure Container Service on Jan. 31, 2020.

  • Microsoft Releases Surface Diagnostic Toolkit for Business

    Microsoft released a new tool, Surface Diagnostic Toolkit for Business, earlier this month, providing a means for IT pros to find and troubleshoot problems on Microsoft Surface devices.

comments powered by Disqus
Most   Popular

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.