Barney's Blog

Blog archive

Microsoft Not the Only Technology with Holes

Critics love to beat up on Microsoft for its security. But in its defense, Redmond is clearly the biggest and most fun hacker target. It also has a ton of products. So it makes sense that holes will be found and attacks mounted.

Microsoft, at least once a month, discloses (and closes) these holes in a very public way. Meanwhile, the Web has no Patch Tuesday, and consequently its holes can stay open for a long, long time.

In fact, according to security concern Cenzic, some 70 percent of the Web apps it looked at lacked secure communications. Two-thirds of these apps were deemed "easily exploitable." In many cases, there's no system in place or real plan to improve Web security and plug holes. The two biggest vulnerabilities, Cenzic reported, are SQL injections and cross-site scripting.

Posted by Doug Barney on May 14, 2008 at 11:52 AM


Featured

  • The 2020 Microsoft Product Roadmap

    From the next major update to Windows 10 to the next generations of .NET and PowerShell, here's what's on tap from Microsoft this year.

  • Microsoft Releases Migration Manager for SharePoint Server

    Microsoft this week announced updates to the SharePoint Migration Tool, plus commercial release of Migration Manager.

  • Version 2004 of Windows 10, Windows Server Released

    Microsoft announced the latest update milestones for Windows 10 and Windows Server this week.

  • Microsoft Projects Q4 Release for Universal Print Solution

    Microsoft's plan to alleviate organizations of the pain of managing print servers continues to take shape.

RCP Update

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.