CNET: Microsoft's Borrowed Code May Pose Risk
Mar 15, 2002, 13:00 (23 Talkback[s])
(Other stories by Robert Lemos)
WEBINAR: On-demand Event
Replace Oracle with the NoSQL Engagement Database: Why and how leading companies are making the switch REGISTER >
[ Thanks to Bastion
for this link. ]
"On Thursday, researchers reported that at least nine of
Microsoft's major applications--including Microsoft Office,
Internet Explorer, DirectX, Messenger and Front Page--appear to
incorporate borrowed code from the compression library and could be
vulnerable to a similar attack.
"Microsoft representatives said that the software giant's
security response team is investigating the zlib flaw and that some
Microsoft applications use code from that compression library.
However, the team hasn't yet determined which applications use the
library and whether those applications are vulnerable.
"'It's not a foregone conclusion that the applications are
affected,' a company representative said..."