Microsoft Rebukes Developers for Poor App Security

Microsoft Rebukes Developers for Poor App Security

In its latest Software Development Lifecycle (SDL) Progress Report, Microsoft says it has done its part to make operating systems and browsers more secure, but third-party developers have not taken basic steps to secure their applications. The report finds that only 43 percent of the applications surveyed, including 20 percent of security applications, had implemented Address Space Layout Randomisation (ASLR), which makes it more difficult for malware to access DLL files. In addition, 29 percent of applications surveyed were not using Data Execution Prevention (DEP), despite the fact that it is very easy to implement.

The report also points out that it is much more economical to make security fixes before an application is released. “The National Institute of Standards and Technology (NIST) estimates that code fixes performed after release can result in 30 times the cost of fixes performed during the design phase,” the authors write.

View article


About Our Editorial Process

At DevX, we’re dedicated to tech entrepreneurship. Our team closely follows industry shifts, new products, AI breakthroughs, technology trends, and funding announcements. Articles undergo thorough editing to ensure accuracy and clarity, reflecting DevX’s style and supporting entrepreneurs in the tech sphere.

See our full editorial policy.

About Our Journalist