Q&A: Don't judge Microsoft security by the number of Patch Tuesday bulletins - Network World

 

“What's the SDL's biggest benefit been for Microsoft? I think the biggest gain has been the reduction in the prevalence of exploitable vulnerabilities [in Microsoft's newer products]. It really is the combination of making the code more secure and making the remaining vulnerabilities harder to exploit because the attack surface has been reduced.”

- Steve Lipner, senior director of security engineering at Microsoft's Trustworthy Computing Group,

Q&A: Don't judge Microsoft security by the number of Patch Tuesday bulletins - Network World