“They said all their code went through security review, and a lot of that code base was Windows Server 2003. It looks like they need to pull back and do a more exhaustive code review,” says Michael Rasmussen, a director at Forrester Research. With all of the attacks on Microsoft (Nasdaq: MSFT) software the past few months, it is increasingly hard to chalk it up to the fact that Microsoft products are the most widely used in the industry, and are therefore the prime target for black hatters. Are Microsoft’s coding practices and product-development teams just not as attuned to security as they should be? If they have not been in the past, they will be if Microsoft’s new security road map is successful. Besides changing new software that already is written — to batten down the hatches when it comes to default features — Microsoft also is trying to plug holes in legacy products. But to do that requires the cooperation of its customers, and patching can be a tough sell. Is Microsoft doing enough to secure its software? Industry experts are not so sure. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.