Flaw Finders Lay Seige to Microsoft Office

An anonymous reader writes "The Register is reporting that bug reports on the latest iteration of Microsoft Office are certainly keeping the Redmond firm's programmers busy. So far this year 24 flaws have been found by outside researchers, more than six times the number found in all of 2005. From the article: 'The deluge of vulnerabilities for the Office programs - Word, Excel, PowerPoint, Outlook, and, for professional users, Access -signals a shift in the focus of vulnerability research and underscores the impact of flaw-finding tools known as fuzzers. The vulnerabilities in Office also highlight the threat that such files, if remained unchecked, can pose to a corporate network. Not since the days of macro viruses and Melissa have Office files posed such a danger to computer security.'"

Siege

Siege, not seige.

Re:Access ?

[Frogbert]

Access is a very powerful program, if nothing else it allows you to easily create a frontend to a much more powerful database with very little fuss.

Access is huge in business because it is trivial to modify the user interface, and to add functionality later on. A massive database solution might do the job faster but if the IT staff can't go in and change the interface every now and then it is pointless. A prime example is upgrading the user interface from the one designed in 1998 for an 800x600 screen to a more recient 1024x768 interface.

Apples and Oranges

[Umbral+Blot]

Just for clarification the article says that the flaws are being found in the latest production version of office, not the latest iteration (which would imply pre-betas of office 2007 (2008?, whatever)). Obviously it would be stupid to compare the flaws in a production product with those in a pre-beta, which is what the summary on /. seems to imply.

Re:Access ?

[miro+f]

ok, just to clear a few things up:

1) they're talking about security vulnerabilities, not bugs. I'm sure the number of Office bugs are in the thousands... It's pretty difficult to write a large piece of software without them
2) The article was stating that 24 Vulnerabilities were found in the current crop of Office, not in the up and coming Office 2007, so your bit about "not available to public" is not applicable

Re:OpenOffice

[davros-too]

Our (very small) business recently migrated *away* from Open Office. New staff were confused, couldn't do things the way they were used to. They arrive already knowing how to use word, excel, powerpoint (ugh! but its sometimes necessary) but give them OpenOffice and there is a substantial learning curve. Remember, what slashdot uber-geeks can learn in 5 seconds takes the average person 10 weeks. Since changing to office our productivity on certain tasks such as collaboratively authoring documents has increased substantially. We just send the latest version and they send it back with the edits marked in track changes. Yes, all can be done using openoffice - but not when the customer or client doesn't have open office. Openoffice has to be really, really easy for someone to use who is familiar with office (its getting closer, but a long way to go). And its ability to save to and read from office formats needs to be a lot better than it currently is.