Though it's not trying to sidestep blame...
Published: 13 August 2003 09:05 GMT
Microsoft has laid the blame for half of all Windows crashes on third-party code.
Scott Charney, chief security strategist at Microsoft, told developers at the TechEd 2003 conference in Brisbane, that information collected by Dr Watson, the company's reporting tool, revealed that "half of all crashes in Windows are caused not by Microsoft code but third-party code".
Charney's comments come as the company highlights the rigour with which it tests its own products before release. Microsoft emphasised that products such as Yukon and Exchange Server were undergoing thorough testing - both internally and via independent third parties - prior to their release to the market.
The company is employing root cause analysis and event sequence analysis procedures to scrub out the creation of sloppy code. The result is that individual developers have a high degree of accountability for the code they produce, while the systems and processes associated with code development are rigorously monitored.
Root cause analysis enables the company to check closely the work of individual developers. “If a developer has written vulnerable code, then we look at what else that developer has written and check it,” Charney said.
Event sequence analysis takes this further, analysing the reasons why the vulnerable code was written. Charney said it was not necessarily so they can sack whoever is writing vulnerable code but to find out the reasons why and how Microsoft can improve its staff with training or more efficient processes.
As Charney made his remarks, Charles Sturt University announced it would be offering a Master of Information Systems Security degree including MCSE:Security industry certification.
Charney also reinforced Microsoft's message to developers and network administrators that they need to build secure applications and networks "from the ground up".
The chief security strategist's remarks have come at an unfortunate time, as mainstream and niche media outlets produce heavy coverage of the impact of the MSBlast worm, which has infiltrated corporate and enterprise networks worldwide.
Brendon Chase writes for ZDNet Australia.
You will have overall accountability for the company’s project management team and promote the digital process and best practice across the ...
Additionally they are also responsible for managing two Wintel Systems Administrators.All members of the wintel infrastructure team partake in a 24x7 ...
Key experience to include: - delivery of large technology integration projects from concept through to operational use - management of ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Is Your Enterprise Architected for Tomorrow's Growth?
Improving IT service delivery through an integrated approach to software asset management...
TechRepublic Resource Guide: Software as a Service (SaaS) for Small and Midsize Businesses...
Download a Free Trial of SmartDraw: Learn why SmartDraw is the ideal alternative...
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead
Stephen Kleynhans Mind the details with Windows 7 Just because it might work better than Vista, it doesn't mean you can be sloppy