
Though it's not trying to sidestep blame...
Published: 13 August 2003 09:05 GMT
Microsoft has laid the blame for half of all Windows crashes on third-party code.
Scott Charney, chief security strategist at Microsoft, told developers at the TechEd 2003 conference in Brisbane, that information collected by Dr Watson, the company's reporting tool, revealed that "half of all crashes in Windows are caused not by Microsoft code but third-party code".
Charney's comments come as the company highlights the rigour with which it tests its own products before release. Microsoft emphasised that products such as Yukon and Exchange Server were undergoing thorough testing - both internally and via independent third parties - prior to their release to the market.
The company is employing root cause analysis and event sequence analysis procedures to scrub out the creation of sloppy code. The result is that individual developers have a high degree of accountability for the code they produce, while the systems and processes associated with code development are rigorously monitored.
Root cause analysis enables the company to check closely the work of individual developers. “If a developer has written vulnerable code, then we look at what else that developer has written and check it,” Charney said.
Event sequence analysis takes this further, analysing the reasons why the vulnerable code was written. Charney said it was not necessarily so they can sack whoever is writing vulnerable code but to find out the reasons why and how Microsoft can improve its staff with training or more efficient processes.
As Charney made his remarks, Charles Sturt University announced it would be offering a Master of Information Systems Security degree including MCSE:Security industry certification.
Charney also reinforced Microsoft's message to developers and network administrators that they need to build secure applications and networks "from the ground up".
The chief security strategist's remarks have come at an unfortunate time, as mainstream and niche media outlets produce heavy coverage of the impact of the MSBlast worm, which has infiltrated corporate and enterprise networks worldwide.
Brendon Chase writes for ZDNet Australia.
To apply for this role please send your CV and salary expectations to david@navigationrecruitment.co.uk For a list of all our vacancies, please visit ...
We are looking for a Digital Strategist with a solid understanding of the technology and tools available to drive Digital campaigns. This is a unique ...
Ideal profile: Lead Search Engine Optimization consultant, SEO expert Leading web brand with huge ambition and enjoying a lot of success currently is ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Bob Tarzey Why you must rein in your power users When they do damage, it can be catastrophic to your business
Jon Collins Is losing a mobile device really such a big deal? How to minimise the damage to your business