Welcome to MSDN Blogs Sign in | Join | Help

Michael Howard's Web Log

A Simple Software Security Guy at Microsoft!

February 2008 - Posts

The First Step on the Road to More Secure Software is admitting you have a Problem
I just wrote an article over on the SDL blog about my observations from the industry to Jeff Jones' vulnerability analysis and the lack of security progress by our competitors. Read More...
Posted: Thursday, February 21, 2008 6:31 AM by michael_HOWARD | 9 Comments
Filed under: ,
FAQ about HeapSetInformation in Windows Vista and Heap Based Buffer Overruns
2/19 - Added some Minor Tweaks Perhaps it's the phase of the moon or something, but over the last few weeks I have received more email about correctly using the HeapSetInformation function than any other topic. I really don't know why! This was added Read More...
Posted: Monday, February 18, 2008 5:26 PM by michael_HOWARD | 6 Comments
Filed under: ,
Introducing SAFECode
Today SAFECode , the Software Assurance Forum for Excellence in Code, introduced its first white paper, "Software Assurance: An Overview of Current Industry Best Practices." The organization was founded by Microsoft, Symantec, EMC, SAP and Juniper to Read More...
Posted: Thursday, February 14, 2008 7:27 PM by michael_HOWARD | 6 Comments
Filed under:
More trustworthy election systems via SDL?
My colleague Eric Bidstrup has just posted a thought provoking article on the SDL blog about elections software and the SDL. Read More...
Posted: Wednesday, February 06, 2008 6:03 PM by michael_HOWARD | 1 Comments
Filed under:
Page view tracker