A list of Code Secure columns
I'm in New Zealand right now, talking at TechEd. A customer asked me where he could find list of all my old “Code Secure” columns on MSDN. I wasn't aware but things have moved around a little on msdn.microsoft.com, making it a little hard to find the archived articles. I'll have a chat with the MSDN folks, but in the meantime, here's the list:
- An Overlooked Construct and an Integer Overflow Redux (https://msdn.microsoft.com/library/en-us/dncode/html/secure09112003.asp)
- Analyzing Your Applications with Windows Application Verifier (https://msdn.microsoft.com/library/en-us/dncode/html/secure12112003.asp)
- Development Impacts of Security Changes in Windows Server 2003 (https://msdn.microsoft.com/library/en-us/dncode/html/secure06122003.asp)
- Fending Off Future Attacks by Reducing Attack Surface (https://msdn.microsoft.com/library/en-us/dncode/html/secure02132003.asp)
- Fix Those Buffer Overruns! (https://msdn.microsoft.com/library/en-us/dncode/html/secure05202002.asp)
- Impersonation Issues (https://msdn.microsoft.com/library/en-us/dncode/html/secure03132003.asp)
- Integer Handling with the C++ SafeInt Class (https://msdn.microsoft.com/library/en-us/dncode/html/secure01142004.asp)
- Reviewing Code for Integer Manipulation Vulnerabilities (https://msdn.microsoft.com/library/en-us/dncode/html/secure04102003.asp)
- Saying Goodbye to an Old Friend (https://msdn.microsoft.com/library/en-us/dncode/html/secure03102004.asp)
- Some Bad News and Some Good News (https://msdn.microsoft.com/library/en-us/dncode/html/secure10102002.asp)
- Tackling Two Obscure Security Issues (https://msdn.microsoft.com/library/en-us/dncode/html/secure08192002.asp)
- The Challenge of Least Privilege (https://msdn.microsoft.com/library/en-us/dncode/html/secure06112002.asp)
- When Output Turns Bad: Cross-Site Scripting Explained (https://msdn.microsoft.com/library/en-us/dncode/html/secure07152002.asp)
Comments
- Anonymous
August 02, 2004
The last one looks especially nice from the point of the recent XSS at the MS Events site I've reported myself :) However credits to MS for the almost promptly reply and fix unlike Sun and Apple. - Anonymous
August 04, 2004
Congratulations, this post has been featured on TheServerSide.NET.