Users login

Create an account »


Users login

Home » Hacking News » Flaw in Microsoft developer tool

Flaw in Microsoft developer tool

by Nikola Strahija on February 15th, 2002 It has found a security flaw in Microsoft's newly released tool for building software for Internet-based transactions. Gary McGraw, chief technology officer of Cigital of Dulles, Va., said a feature designed to prevent hacker attacks may actually leave systems vulnerable.

The discovery, first reported in The Wall Street Journal, affects Microsoft .NET developer tools, which the company released to thousands of developers in a lavish event Wednesday in San Francisco.

Disclosure of the flaw comes a month after Gates announced that Microsoft would undergo a companywide strategy shift to focus on security above all else. The announcement followed a series of embarrassing security flaws in Microsoft products.

Because .NET relies on customers storing personal information within Microsoft products, analysts have said Microsoft must improve its reputation for security failures if .NET is to be a success.

The latest flaw is in a tool for developing software, so it would not immediately make consumers vulnerable to a hacker attack. However, it could lead developers to build software that was vulnerable to hackers.

Microsoft spokesman Jim Desler said the software giant was investigating the report. He chastised Cigital for making the findings public before working in depth with Microsoft.

Microsoft security officials have argued that by publicizing possible security flaws before Microsoft has had a chance to develop fixes, security firms may be leaving systems vulnerable to attack.

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »