Last month, a critical security bug was found in most versions of Windows. This bug generated a lot of news because it was one of the first to impact Windows Vista.
Over on the new Secure Development Lifecycle blog, Michael Howard discusses what the security team at Microsoft learned from this incident, and what the company is doing to address it.
Howard’s post is quite technical in nature, but it’s another example of how Microsoft is being more transparent in explaining the secure development lifecycle the product teams follow. By having this open dialog with developers, it is a great way to help build trust in the system, even when that system experiences occasional failures.