January 2008 - Posts

Templatized Min/Max Solved!
I had some time to think about the overall problem, and had originally thought of a functional approach, like so: template <typename R, typename T, typename U> R Max(T t, U u); This has all the information we need to check for truncation on return, Read More...
Posted 30 January 08 06:42 by david_leblanc | 1 Comments   
Couple of good posts
The SDL blog has some good comments - http://blogs.msdn.com/sdl/archive/2008/01/29/sexy-development-lifecycle.aspx For the last several years, there was the Software Security Summit conference where developers could come to learn about security. The bummer Read More...
Posted 29 January 08 08:30 by david_leblanc | 0 Comments   
Templatized Min/Max is a bad idea!
Ah, back to nice geeky C++ programming topics, which is much more fun than angry customer topics… Some well-meaning soul wrote this: template<typename T, typename U> T TMax(T t, U u){ return t > u ? t : u; } Let me count the bugs – first of all, Read More...
Posted 24 January 08 09:28 by david_leblanc | 3 Comments   
A good reason to install SP3
If you haven't already seen this , take a look. A brief quote: Microsoft Security Advisory (947563) Vulnerability in Microsoft Excel Could Allow Remote Code Execution Published: January 15, 2008 Microsoft is investigating new public reports of a vulnerability Read More...
Posted 16 January 08 01:36 by david_leblanc | 2 Comments   
How we know which file formats are used
A reader wrote to ask me how it is that we know what file formats are being opened by users. I can assure you that neither the Bavarian Illuminati, UFOs nor 3-letter agencies flying black helicopters have anything at all to do with this. We're also not Read More...
Posted 14 January 08 04:27 by david_leblanc | 1 Comments   
Office SP3 and File formats
In Office 2007, we changed the default to disable a number of older file formats where we saw very low usage and a high security risk in our code that loads these formats. From the security standpoint, this is the right thing to do. From the data we have Read More...
Posted 04 January 08 04:26 by david_leblanc | 14 Comments   
USB Virtual PC’s
I was browsing the news this morning, and ran across an article - Virtual PCs add new layer of security . They claim: MojoPac virtual PCs are not just designed for mobile use. They can protect users who share the same computer. A virus introduced by one Read More...
Posted 03 January 08 12:16 by david_leblanc | 3 Comments   
Page view tracker