Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
I'm in New Zealand right now, talking at TechEd. A customer asked me where he could find list of all my old “Code Secure” columns on MSDN. I wasn't aware but things have moved around a little on msdn.microsoft.com, making it a little hard to find the archived articles. I'll have a chat with the MSDN folks, but in the meantime, here's the list:
- An Overlooked Construct and an Integer Overflow Redux (https://msdn.microsoft.com/library/en-us/dncode/html/secure09112003.asp)
- Analyzing Your Applications with Windows Application Verifier (https://msdn.microsoft.com/library/en-us/dncode/html/secure12112003.asp)
- Development Impacts of Security Changes in Windows Server 2003 (https://msdn.microsoft.com/library/en-us/dncode/html/secure06122003.asp)
- Fending Off Future Attacks by Reducing Attack Surface (https://msdn.microsoft.com/library/en-us/dncode/html/secure02132003.asp)
- Fix Those Buffer Overruns! (https://msdn.microsoft.com/library/en-us/dncode/html/secure05202002.asp)
- Impersonation Issues (https://msdn.microsoft.com/library/en-us/dncode/html/secure03132003.asp)
- Integer Handling with the C++ SafeInt Class (https://msdn.microsoft.com/library/en-us/dncode/html/secure01142004.asp)
- Reviewing Code for Integer Manipulation Vulnerabilities (https://msdn.microsoft.com/library/en-us/dncode/html/secure04102003.asp)
- Saying Goodbye to an Old Friend (https://msdn.microsoft.com/library/en-us/dncode/html/secure03102004.asp)
- Some Bad News and Some Good News (https://msdn.microsoft.com/library/en-us/dncode/html/secure10102002.asp)
- Tackling Two Obscure Security Issues (https://msdn.microsoft.com/library/en-us/dncode/html/secure08192002.asp)
- The Challenge of Least Privilege (https://msdn.microsoft.com/library/en-us/dncode/html/secure06112002.asp)
- When Output Turns Bad: Cross-Site Scripting Explained (https://msdn.microsoft.com/library/en-us/dncode/html/secure07152002.asp)
Comments
- Anonymous
August 02, 2004
The last one looks especially nice from the point of the recent XSS at the MS Events site I've reported myself :) However credits to MS for the almost promptly reply and fix unlike Sun and Apple. - Anonymous
August 04, 2004
Congratulations, this post has been featured on TheServerSide.NET.