Barney's Blog

Blog archive

Microsoft Not the Only Technology with Holes

Critics love to beat up on Microsoft for its security. But in its defense, Redmond is clearly the biggest and most fun hacker target. It also has a ton of products. So it makes sense that holes will be found and attacks mounted.

Microsoft, at least once a month, discloses (and closes) these holes in a very public way. Meanwhile, the Web has no Patch Tuesday, and consequently its holes can stay open for a long, long time.

In fact, according to security concern Cenzic, some 70 percent of the Web apps it looked at lacked secure communications. Two-thirds of these apps were deemed "easily exploitable." In many cases, there's no system in place or real plan to improve Web security and plug holes. The two biggest vulnerabilities, Cenzic reported, are SQL injections and cross-site scripting.

Posted by Doug Barney on May 14, 2008 at 11:52 AM


Featured

  • Orgs Now Getting the New Outlook for Windows

    The new Outlook for Windows 11 app is now at the "general availability" release stage for personal users, but it's also "enterprise ready."

  • Four New Microsoft Surface Devices Unveiled at Event

    Four new Surface devices for businesses were announced during Microsoft's fall hardware event.

  • Cisco To Buy Splunk for $28B

    Cisco announced it is acquiring security and IT solutions provider Splunk for about "$28 billion in equity value."

  • Copilot for Windows 11 Available September 26

    Microsoft Also announced new Copilot features coming to Bing, Edge and Microsoft 365.