Trustworthy Computing: Lessons learned so far

“Five years ago, Bill Gates issued a memo to all Microsoft employees explaining the importance of building more secure software. Since then, many people across Microsoft have worked to improve the security of their products. In doing so, we’ve learned a lot about what it takes to build more secure software.” In the November issue…

1

Creating a Custom Fuzz Test Interface Provider

These days, fuzzing is most frequently used to validate file and network parsers – literally piping a random source of binary data into the parser and then seeing what happens. In the November issue of MSDN Magazine, Dan Griffin takes a look at the extensibility of Visual Studio 2005 Team Edition for Software Testers and…

0

Code Reviews Help Find and Fix Vulnerabilities in Your Apps

Small coding errors can result in critical vulnerabilities that can compromise the security of not just entire systems, but even entire companies. Security vulnerabilities are not typically caused by a single error, but rather by a sequence of errors during the course of development: a coding error is introduced, it goes undetected during the testing…

1

CLR Inside Out: Managing .NET object lifetime

Although the .NET Framework provides a managed execution environment, it is important to use resources carefully and consider whether you need to proactively manage the lifetime of any objects created by your code. In the November issue of MSDN Magazine, Tim Fischer explains how developers can better understand lifetime management for .NET or COM classes…

2

Analyze Crashes to Find Security Vulnerabilities in Your Apps

How can you make sure a crash in your program is not exploitable? The short answer is simple: assume every crash is exploitable and just fix it! In the November issue of MSDN Magazine, Adel Abouchaev, Damien Hasse, Scott Lambert, and Greg Wroblewski outline some best practices for analyzing program crashes to uncover possible security…

1

Now hiring: Senior Editor for MSDN Magazine

MSDN Magazine is actively seeking a new Senior Editor to join our team. This is an exciting opportunity to play a pivotal roll in the continued growth and success of the world’s leading publication for Microsoft developers. As a Senior Editor, your responsibilities would include:• Working with the Editor-in-Chief to help define the editorial strategy…

7

MOSS 2007 workflow development training

Microsoft Office SharePoint Server (MOSS) 2007 is an industry leading platform for collaboration, but it’s also a powerful application platform for .NET developers.  One of the new features of MOSS 2007 is the ability to include custom forms in workflows with Microsoft InfoPath, though to date you’ve needed MOSS 2007 Enterprise Edition or MOSS 2007…

2

Bugslayer: Measuring the Impact of View State

The .NET Framework is often thought of as an environment where you don’t have to think about memory, yet memory issues continue to plague managed applications. Why? In the November issue of MSDN Magazine, John Robbins presents a tool that lets you look at one of the most insidious performance killers in an ASP.NET app:…

1

Concurrent Affairs: Simplified asynchronous programming model (APM) with C#

Performing I/O-bound operations asynchronously is key to producing scalable and responsive applications, and the APM allows you to use a very small number of threads to execute a large amount of work without blocking any of the threads. In the November issue of MSDN Magazine, Jeffrey Richter demonstrates some recent additions to the C# programming…

1

November 2007 MSDN Magazine now online

The November 2007 issue of MSDN Magazine is now available online at http://msdn.microsoft.com/msdnmag/issues/07/11/default.aspx. November brings our 2007 Security Issue, featuring a range of security related topics from code review best practices to tools you can use for testing your apps more effectively. Michael Howard, the Principal Security Program Manager at Microsoft and author of the…

3