Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Fuzzing Botnet Finds 1,800 Office Bugs

Posted by timothy on from the running-through-the-possibilities dept.

CWmike writes "Microsoft uncovered more than 1,800 bugs in Office 2010 by tapping into the unused computing horsepower of idling PCs, a company security engineer said on Wednesday. Office developers found the bugs by running millions of 'fuzzing' tests, a practice employed by both software developers and security researchers, that searches for flaws by inserting data into file format parsers to see where programs fail by crashing. 'We found and fixed about 1,800 bugs in Office 2010's code,' said Tom Gallagher, senior security test lead with Microsoft's Trustworthy Computing group, who last week co-hosted a presentation on Microsoft's fuzzing efforts at the CanSecWest security conference. 'While a large number, it's important to note that that doesn't mean we found 1,800 security issues. We also want to fix things that are not security concerns.'"

3 of 111 comments (clear)

  1. 1800 down, 10,000,000 to go by flyingfsck · · Score: 1, Troll

    The problem is that they write such crappy code to begin with. There really is no good reason for that. I use Word 2007 at work and it is very buggy. If I had my way, I would not use it, even OOo is better.

    --
    Excuse me, but please get off my Pennisetum Clandestinum, eh!
  2. Another April Fool? by epo001 · · Score: 0, Troll

    I mean Microsoft proactively looking for bugs? It's a bit far-fetched.

    Come on it's April 2nd here, stop it!

  3. Re:Software firm test his software? by kronosopher · · Score: 1, Troll

    I'd like to ask them to stop killing people first, much less respecting standards.