The annual Security issue of MSDN is out, and you should find a copy in your local book or magazine store. Or, if you like, you can read the issue online at http://msdn.microsoft.com/msdnmag.

 

I wrote an article in this issue outlining a method to reduce attack surface, you can read it here http://msdn.microsoft.com/msdnmag/issues/04/11/AttackSurface/default.aspx. I really believe attack surface reduction is just as important as security education, code reviews, threat models, coding best practice, better libraries, defensive methods (firewall, /GS, NX etc) security testing, fuzz testing and so on.


Why do I think it's so important? Read the article and find out :)

 

Finally, you can look at back issues of the MSDN Security issues here:

 

2003 - http://msdn.microsoft.com/msdnmag/issues/03/11/

2002 - http://msdn.microsoft.com/msdnmag/issues/02/09/