The number of errors and exploitable vulnerabilities in the individual Microsoft Office versions has dramatically in recent years taken off and is even below that of OpenOffice. This is the result are independent of the security specialist Dan Kaminsky and Will Dormann of CERT at Carnegie Mellon University came. The Results are, however, with a little caution to enjoy being on automatic evaluation susceptible of concrete slightly above the Potential threat to testify.
Both studies used for their fuzzing tools to more to create ten thousand bad doc files, they in the Office To download products and the reaction with the Microsoft tool "! exploitable Crash Analyzer to evaluate. "Kaminsky Dormann and were finally Number of crashes and the Crash Analyzer as weaknesses classified errors exploited for attacks, or suspected can be exploited. The tool takes this view, however, automatically before.
The number of exploitable vulnerabilities in Microsoft's Office suite has declined considerably from 2003. Image: Dan Kaminsky Dormann has Office XP Office 2003 and 2007 up to Office 2010 registered a steady decline of the crashes. In addition, the number of exploitable vulnerabilities decreased from seven to zero continuously. When he compared only the OpenOffice versions 3.2.1 and 3:30 RC7, with the number of crashes and exploitable bug (from 18 to 15) within the product but declined to but still significantly was higher than those of Microsoft Office.
Kaminsky is with his attempts to drastic statements: while Office 2003 still has 127 (potentially) exploitable vulnerabilities, bagged the number for Office 2007 from Office 2010 to 12 and at 7. In Comparison showed that in 2003, available OpenOffice version (Version 1.1) 73 vulnerability, which in 2007 62 and 2010 20 fell.
Kaminsky and Dormann, conduct themselves in interpreting the results back. From the perspective of Kaminsky, the situation has improved. What is the reason, can open both. With Microsoft expected the introduction of the Software Development Lifecycle an essential Role as the manufacturer in this particular context and processes has tools to increase the safety of its established products.
However one can not overstate the results. On the one they seem to vary so greatly, and similar tests for other Microsoft's products are still more in the focus of attackers as OpenOffice. Thus, the risk of infection is even less Weak points higher. That may change, however, soon, when the Support for Office XP runs (12 July 2011) and enterprises and Users to newer versions of Office switch. It tries to others, the "Office File Validation" prepared to load files . Prevent The function is available for the last Patch Tuesday and Office 2003 and 2007.
9 comments:
I prefer Microsoft Office - pretty much does the work for you.
i agree with sweet shop, Microsoft office does the work for you, you hardly have to do anything
Awesome blog man! Keep up the great work!
Open office its free and does the same thing if not better
Microsoft office
I have been using open office for a while now. I find it alot more user friendly. Also the free aspect is not too bad either.
I've been microsoft office until now but maybe i should check out open office
to be honest, i rather not use either haha but if i HAD to pick id pick microsoft office
After getting more than 10000 visitors/day to my website I thought your freezour.blogspot.com website also need unstoppable flow of traffic...
Use this BRAND NEW software and get all the traffic for your website you will ever need ...
= = > > http://get-massive-autopilot-traffic.com
In testing phase it generated 867,981 visitors and $540,340.
Then another $86,299.13 in 90 days to be exact. That's $958.88 a
day!!
And all it took was 10 minutes to set up and run.
But how does it work??
You just configure the system, click the mouse button a few
times, activate the software, copy and paste a few links and
you're done!!
Click the link BELOW as you're about to witness a software that
could be a MAJOR turning point to your success.
= = > > http://get-massive-autopilot-traffic.com
Post a Comment