Lessons learned from the Animated Cursor Security Bughttp://blogs.msdn.com/b/sdl/archive/2007/04/26/lessons-learned-from-the-animated-cursor-security-bug.aspxMichael Howard here. A core tenet of the SDL is to take and incorporate lessons learned when we issue a security update, and there is a great deal to learn from the recent animated cursor bug, MS07-017 , so I want to spend a few minutes to go overen-USTelligent Evolution Platform Developer Build (Build: 5.6.50428.7875)Microsoft postmortem on ANI bughttp://blogs.msdn.com/b/sdl/archive/2007/04/26/lessons-learned-from-the-animated-cursor-security-bug.aspx#9570103Mon, 27 Apr 2009 04:45:11 GMT91d46819-8472-40ad-a661-2c78acb4018c:9570103Paul's Down-Home Page: Exchange, messaging, collaboration, security, and more<p>Michael Howard has posted a great postmortem and lessons-learned piece on the animated cursor vulnerability recently patched in Windows. I love to see this kind of open discussion of how Microsoft's security development lifecycle (SDL) is working in practice,</p> <img src="http://blogs.msdn.com/aggbug.aspx?PostID=9570103" width="1" height="1">One Tool Does not Rule them Allhttp://blogs.msdn.com/b/sdl/archive/2007/04/26/lessons-learned-from-the-animated-cursor-security-bug.aspx#9415938Fri, 13 Feb 2009 00:44:14 GMT91d46819-8472-40ad-a661-2c78acb4018c:9415938The Security Development Lifecycle<p>Hello, Michael here... Over the last couple of years, I've released information about various Microsoft</p> <img src="http://blogs.msdn.com/aggbug.aspx?PostID=9415938" width="1" height="1">Resilience is NOT necessarily a good thinghttp://blogs.msdn.com/b/sdl/archive/2007/04/26/lessons-learned-from-the-animated-cursor-security-bug.aspx#8447194Thu, 01 May 2008 19:14:23 GMT91d46819-8472-40ad-a661-2c78acb4018c:8447194Larry Osterman's WebLog<p>I just ran into this post by Eric Brechner who is the director of Microsoft's Engineering Excellence</p> <img src="http://blogs.msdn.com/aggbug.aspx?PostID=8447194" width="1" height="1">Perchè la sicurezza applicativa è così... OSTICA ??!?http://blogs.msdn.com/b/sdl/archive/2007/04/26/lessons-learned-from-the-animated-cursor-security-bug.aspx#5823445Fri, 02 Nov 2007 02:59:54 GMT91d46819-8472-40ad-a661-2c78acb4018c:5823445Noticias externas<P>Semplice!!! Perchè non sempre è chiaro cosa sia esattamente !! Il primo mito da sfatare è che la sicurezza</P><img src="http://blogs.msdn.com/aggbug.aspx?PostID=5823445" width="1" height="1">Perchè la sicurezza applicativa è così... OSTICA ??!?http://blogs.msdn.com/b/sdl/archive/2007/04/26/lessons-learned-from-the-animated-cursor-security-bug.aspx#5822678Fri, 02 Nov 2007 02:18:15 GMT91d46819-8472-40ad-a661-2c78acb4018c:5822678Mario Fontana-Architetture Applicative e Sicurezza<p>Semplice!!! Perch&#232; non sempre &#232; chiaro cosa sia esattamente !! Il primo mito da sfatare &#232; che la sicurezza</p> <img src="http://blogs.msdn.com/aggbug.aspx?PostID=5822678" width="1" height="1">Fuzz Testing at Microsoft and the Triage Processhttp://blogs.msdn.com/b/sdl/archive/2007/04/26/lessons-learned-from-the-animated-cursor-security-bug.aspx#5016386Thu, 20 Sep 2007 21:54:17 GMT91d46819-8472-40ad-a661-2c78acb4018c:5016386The Security Development Lifecycle<p>Scott Lambert here. I work on the Security Engineering Tools team where we're responsible for researching,</p> <img src="http://blogs.msdn.com/aggbug.aspx?PostID=5016386" width="1" height="1">Windows Vista Security at 180 Dayshttp://blogs.msdn.com/b/sdl/archive/2007/04/26/lessons-learned-from-the-animated-cursor-security-bug.aspx#3445733Thu, 21 Jun 2007 20:02:52 GMT91d46819-8472-40ad-a661-2c78acb4018c:3445733Windows Vista Team Blog<p>Windows Vista recently passed the 180 day mark since it was made available to business customers. Just</p> <img src="http://blogs.msdn.com/aggbug.aspx?PostID=3445733" width="1" height="1">O bugu w ikonkachhttp://blogs.msdn.com/b/sdl/archive/2007/04/26/lessons-learned-from-the-animated-cursor-security-bug.aspx#2407763Fri, 04 May 2007 12:19:47 GMT91d46819-8472-40ad-a661-2c78acb4018c:2407763Wampiryczny blog<p>Ciekawa analiza tego, dlaczego błąd w plikach ANI znalazł się r&#243;wnież w VISTA mimo zastosowania SDL. Błędy zawsze się zdarzały i będą się zdarzać. Najważniejsze jest to, by z błęd&#243;w wyciągnąć lekcję na przyszłość. Microsoft zacz</p> <img src="http://blogs.msdn.com/aggbug.aspx?PostID=2407763" width="1" height="1">The Security Development Lifecycle - Vista bug http://blogs.msdn.com/b/sdl/archive/2007/04/26/lessons-learned-from-the-animated-cursor-security-bug.aspx#2406232Fri, 04 May 2007 09:49:14 GMT91d46819-8472-40ad-a661-2c78acb4018c:2406232Walter Stiers - Academic Relations Team (BeLux)<p>A very interesting blog: The Security Development Lifecycle It has recent posts on Security Education</p> <img src="http://blogs.msdn.com/aggbug.aspx?PostID=2406232" width="1" height="1">Microsoft Shares Lessons Learned from the Animated Cursor Security Bughttp://blogs.msdn.com/b/sdl/archive/2007/04/26/lessons-learned-from-the-animated-cursor-security-bug.aspx#2375410Wed, 02 May 2007 18:09:22 GMT91d46819-8472-40ad-a661-2c78acb4018c:2375410JrzyShr Dev Guy<p>Last month, a critical security bug was found in most versions of Windows. This bug generated a lot of</p> <img src="http://blogs.msdn.com/aggbug.aspx?PostID=2375410" width="1" height="1">