Barney's Blog

Blog archive

Microsoft Not the Only Technology with Holes

Critics love to beat up on Microsoft for its security. But in its defense, Redmond is clearly the biggest and most fun hacker target. It also has a ton of products. So it makes sense that holes will be found and attacks mounted.

Microsoft, at least once a month, discloses (and closes) these holes in a very public way. Meanwhile, the Web has no Patch Tuesday, and consequently its holes can stay open for a long, long time.

In fact, according to security concern Cenzic, some 70 percent of the Web apps it looked at lacked secure communications. Two-thirds of these apps were deemed "easily exploitable." In many cases, there's no system in place or real plan to improve Web security and plug holes. The two biggest vulnerabilities, Cenzic reported, are SQL injections and cross-site scripting.

Posted by Doug Barney on May 14, 2008


Featured

  • Microsoft to Shut Down Skype Services

    Microsoft will discontinue its Skype telecommunications and video calling services on May 5, 2025, marking the end of the platform's decades-long run.

  • Microsoft Confirms End of HoloLens Mixed Reality Hardware

    Microsoft officially announced this week that it is discontinuing its HoloLens mixed reality hardware, marking the end of its efforts in the space.

  • Microsoft Rolls Out Final Cumulative Update for Exchange Server 2019

    On Monday, Microsoft released the last major update for Exchange Server 2019. The aging Exchange Server is set to lose support on Oct. 14, 2025.

  • Windows 11 Installation Streamlined for New Devices

    Microsoft is introducing new policy changes that will give IT administrators greater control over Windows 11 updates during the initial setup of new devices.

Most   Popular