
Microsoft Is The Least Of Your Worries



David Utter
Staff Writer
2006-10-19



Even though the official announcement of the availability of Internet Explorer 7 was quickly followed by news of its first zero-day exploit, eEye founder, CTO, and chief hacking officer Marc Maiffret thinks people need to realize that when it comes to technology, it's more than a Microsoft world out there.

In technology, we have become so accustomed to worrying about potential issues with Microsoft products, like Windows or IE or Office, that we have turned a blind eye to third-party applications that have become the focus of attackers.

eEye's Maiffret sees this as being more of a problem than people who use and work with technology realize, especially in enterprises full of networked machines. When he takes the stage at GTEC in Ottawa next week, Maiffret should find it easy to prove his point.

He said a common question he will ask an audience is if they are running backup software on their networks, and if that software comes from Veritas. Being a market leader, Veritas tends to be widely used, and hands remain in the air.

"Did you react to Veritas vulnerabilities as you did to Microsoft's?" he'll ask. The all-too-common response has been to ask "What Veritas problems?" It's an example of people not worrying about third-party applications, and that's dangerous.

"If you go look at the code, you can usually find something," Maiffret suggested about some big-name third-party software. Part of the problem comes from the way those companies handle repairing such flaws.

Microsoft has been dealing with critical flaws since 1999, Maiffret said. He noted that the company has had a lot of practice at developing and deploying its process for distributing patches. It doesn't work that way for third parties, whose idea of an update is to release a new version of the software that replaces a vulnerable version.

He gave iTunes as an example of a program that has had "tons of vulnerabilities." Fixing them means grabbing the latest release of iTunes, a sizable download in itself, and installing it. "Application companies don't patch like Microsoft," Maiffret said.

Here is why you should be concerned. Most zero-day exploits aimed at applications can get past network-based security, Maiffret said. For some firms, complementing the network-based approach with a host-based effort can be the way to mitigate the impact of a zero-day application exploit.

Maiffret will put The Fear into people who have not thought about security from an application standpoint. The bad guys think about it every day.

About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
