(Untitled)

Oct 24, 2008 16:05

I was just going to email this to mtbg, but I figured maybe somebody else will enjoy it the way I did:

The MS08-067 bug and the Security Development Lifecycle

It's a brief discussion of the new Microsoft bug and how it made it past their layered security analysis.


Comments 2

mtbg October 25 2008, 02:48:32 UTC
Thanks for the pointer. I've been up for too many hours after too few hours of sleep, so I'll post a real response when I'm coherent again.


mtbg October 27 2008, 21:27:51 UTC
Bill Gates sent out his "Trustworthy Computing" memo in early 2002. It took until XP SP2 and Vista to really start seeing the effects: defense in depth, good default settings, fewer vulnerabilities overall. I think the analysis in that post is pretty accurate -- the SDL more or less did its job, but (to stretch a metaphor) MS08-067 is too high up on the tree to count as even medium-hanging fruit.

On the other hand, a commenter points out that if the code was so complex as to be unduly hard to analyze, it shouldn't have passed code review. I'd add that since the code was reachable from the network, the reviewer should have been even more skeptical. In fact, for network-facing code as old as that, maybe somebody should have decided to do a ground-up rewrite when they were running it through the SDL.


