Google turns up a CNET article from 2007 (probably because eEye was "pumping press releases left and right"):[1]
> Researchers at eEye used a standard process of code auditing in discovering the vulnerabilities, [eEye CEO Ross] Brown added. He noted that Microsoft either did not do a 'good job' with its code auditing, or it may not have had enough people working on such a task.
I don't really get this culture of racing to find a bug in another company's product, then strutting about finding one (in Microsoft Publisher of all things) and throwing shade. I guess we should all be so lucky to have a company whose "standard process" is to pull a week of all nighters testing our product.
SloopJon|1 year ago
> Researchers at eEye used a standard process of code auditing in discovering the vulnerabilities, [eEye CEO Ross] Brown added. He noted that Microsoft either did not do a 'good job' with its code auditing, or it may not have had enough people working on such a task.
I don't really get this culture of racing to find a bug in another company's product, then strutting about finding one (in Microsoft Publisher of all things) and throwing shade. I guess we should all be so lucky to have a company whose "standard process" is to pull a week of all nighters testing our product.
[1] https://www.cnet.com/news/privacy/flaw-found-in-office-2007/
johnisgood|1 year ago
Edit: I just checked the author, I might actually know him from IRC. The "Mantis" and "infosec" checks out.
mixtureoftakes|1 year ago
chrisweekly|1 year ago