Spot the Bug!
Do you think you have the skills to find security vulnerabilities before they find you? See if you can Spot the Bug!
Nice weather!
Posted over 5 years ago by Rick Samona | 0 Comments
Well, we are finally starting to see some nice weather in Seattle! I don't know if there is a better place to be on a sunny day!
Microsoft Threat Analysis & Modeling v2.0
Posted over 6 years ago by Rick Samona | 0 Comments
BETA2 of Microsoft Threat Analysis & Modeling v2.0 (formerly codenamed “ACE Torpedo”) is now available for download here. Check out this blog for more info: http://blogs.msdn.com/threatmodeling/ For those of you that haven't downloaded...
Spot the Bug - March 13, 2006
Posted over 6 years ago by Rick Samona | 25 Comments
It seems like more and more developers are making security mistakes when dealing with sockets. See if you can Spot the Bug. void Socket_Setup(void) { WORD wVersionRequested; WSADATA wsaData; wVersionRequested = MAKEWORD( 2, 2 ); ::WSAStartup(wVersionRequested...
Spot the Bug - Feb 2, 2006
Posted over 6 years ago by Rick Samona | 6 Comments
Great discussion on the last bug. For those of you that took a look at it, it dealt with insecure use of cryptography resulting in exposure to dictionary attacks. Here's a new one: class CDatabase { private: HANDLE m_hwndMutex; public: void InitDBConnection...
Spot the Bug - Jan 5, 2006
Posted over 6 years ago by Rick Samona | 23 Comments
Wow, we had great feedback on the last bug. Someone emailed me and said that the biggest bug was the blue font on the black background. :) Here is another fun bug - Courtesy of Neelay Shah, Consultant, Foundstone class CUserManager { public: void CreateLogin...
1 inch of snow equals 100% panic!
Posted over 7 years ago by Rick Samona | 18 Comments
For those of you that don't know, Seattle doesn't typically get snow. Sure, it snows in the mountains and keeps us snowboarders and skiers happy, but the city is fairly mild. It actually snowed today in Seattle, Redmond, and surrounding cities, and people...
Spot the Bug - November 28, 2005
Posted over 7 years ago by Rick Samona | 17 Comments
Some people commented that the last bug was too easy, and it was, but buffer overruns are still common enough that I wanted to send the point home. This one is a bit more challenging. Courtesy of Neelay Shah, Consultant, Foundstone void Socket_Setup(...
Spot the Bug - October 24, 2005
Posted over 7 years ago by Rick Samona | 14 Comments
It has been a while since the last bug was up. We certainly had some great discussion around it. I will try to get more bugs up on the site on a regular basis to keep everyone on their toes at all times :-) Courtesy of Neelay Shah, Consultant (Foundstone...
Spot the Bug - August 31, 2005
Posted over 7 years ago by Rick Samona | 15 Comments
It's been a little while since we've had a new bug up. We had some good feedback on the last one. Here is a shorter one: Courtesy of Shanit Gupta, Consultant (Foundstone) try { ElevatePrivilege(); ReadSecretFile(); LowerPrivilege(); } catch(FileException...
Spot the Bug - August 16, 2005
Posted over 7 years ago by Rick Samona | 9 Comments
If you haven't taken a look at the solution to the last bug, please do so. There were 4 bugs in that short chunk of code -- all of which are found in Visual Studio 2005! One is issued as a compiler warning and the other 3 are found by PREfast. Here...
Spot the Bug - August 14, 2005
Posted over 7 years ago by Rick Samona | 9 Comments
I created this bug a couple of weeks ago for a conference I spoke at to illustrate how so few lines of code could be so buggy. Where's the bug here? char dest[50], src[100]; int x, y; if (x=1) { strcpy(dest,src); dest[50] = '\0'; } return y;...
Spot the Bug - August 4, 2005
Posted over 7 years ago by Rick Samona | 5 Comments
I think the last bug stumped a few people. Can you find the security vulnerability in this one? Courtesy of Neelay Shah, Consultant, Foundstone #define STD_HASH_LEN 11 #define MAX_HASH_LEN 31 char * strPassHash = (char*)malloc(sizeof(char)*STD_HASH_LEN...
Spot the Bug - July 27, 2005
Posted over 7 years ago by Rick Samona | 2 Comments
Alright all, here is the next bug. This one is courtesy of Mike Howard. __declspec(noinline) void * AllocBlocks(size_t cBlocks) { // allocating no blocks is an error if (cBlocks == 0) return NULL; // Allocate enough memory // Upcast the...
Escape Yesterworld - funny!
Posted over 7 years ago by Rick Samona | 1 Comments
If you have a few minutes, check this out. It is hilarious!!! www.escapeYESTERWORLD.com
Spot the Bug - July 23, 2005
Posted over 7 years ago by Rick Samona | 11 Comments
The first bug was just a warm-up and people were asking for a more difficult bug. What's wrong with this chunk of code, and better yet, how do you fix it? Courtesy of Shanit Gupta, Consultant, Foundstone private HttpCookie SessionIdentifier () { HttpCookie...
Spot the Bug - July 18, 2005
Posted over 7 years ago by Rick Samona | 18 Comments
Alright all - here is the bug for July 18. This should be an easy one to find. Any takers? :-) #define MAX (50) char szDest[MAX]; strncpy(szDest,pszSrc,MAX); pszDest[MAX] = '\0'; Solution: Nice job on this one, everyone! As most of you found...
Spot the Bug - July 5, 2005
Posted over 7 years ago by Rick Samona | 1 Comments
We are launching a new section to the MSDN Developer Security Center called spot the bug. This allows you to see if you have what it takes to find a security vulnerability. This will be up on the MSDN Security Developer Center shortly, but in the meantime...
Security Development Lifecycle (SDL) document is now live!!!
Posted over 7 years ago by Rick Samona | 0 Comments
This document outlines the security-related process improvements we have put in place at Microsoft. http://msdn.microsoft.com/security/sdl
if (Technology=1 && Outdoors=1) {is_person_cool_in_my_books=1;}
Posted over 7 years ago by Rick Samona | 3 Comments
I spoke with Don Kiely today, who will be my partner in crime at TechEd in discussing Whidbey Security Enhancements. One of the first things that I found out is that we went to college a couple of hours away. Shortly after insulting each other and saying...
Want to make sure your application runs great on the .NET Framework 2.0? Let us test it!
Posted over 7 years ago by Rick Samona | 2 Comments
Check out Jay's latest blog entry. I think this is a great opportunity for companies who want to make sure their application runs well on the .NET Framework 2.0. This way we can ensure we have logged any bugs that might crop up when you migrate your...
Welcome to Sunny Seattle! Huh?
Posted over 7 years ago by Rick Samona | 6 Comments
I moved to Seattle not too long ago. I heard stories of the constant rain and dreary days. Needless to say, this has been all but a typical winter. In fact, this is one of the worst winters in history in Seattle (worst in the sense of almost no snow)...
eWeek - Getting a Head Start on App Security
Posted over 7 years ago by Rick Samona | 0 Comments
Getting a Head Start on App Security, December 7, 2004. With security on the minds of IT managers more than ever, some companies are addressing the issue even before applications...
Writing Secure Applications using Least Privileges
Posted over 7 years ago by Rick Samona | 1 Comments
Microsoft Recommended Best Practice: Microsoft encourages developers, as a best practice, to write their applications to execute with the least privileges needed to get the job done. The reason for doing this is quite simple – if an attacker creates a security...