Microsoft team finds bugs in Apple and other companies' products

Finding and reporting bugs is always something that software companies have to do. But usually its just for its own software products. Microsoft, on the other hand, has been working for the past couple of years trying to find and report bugs in other companies' software such as products made by Apple and Google. ZDNet.com reports that the Microsoft Security Vulnerability Research team, otherwise known as MSVR, has so far found 109 different software bug from 38 different companies since July 2010.

The past couple of months have seen the MSVR team working to find and report bugs in a number of products. In July the team found security issues in Facebook and also in Google's Picasa service. Both issues have since been fixed by the respective companies. In August the team found security problems on the Safari web browser from Apple as well as the WordPress blogging software. Microsoft said, "Vendors have responded and have coordinated on 97 percent of all reported vulnerabilities; 29 percent of third-party vulnerabilities found since July 2010 have already been resolved, and none of the vulnerabilities without updates have been observed in any attacks."

Microsoft first got some attention for its third party software team in 2009 when it found a particularly bad security issue in Google's Chrome Frame. Microsoft has sent out a public list of all the security issues it has found in third party software products since April at the MSVR web site. Some of the other companies that Microsoft has helped out in the past several month include RealNetworks, Opera with its web browser and Foxit's PDF reader software.

Report a problem with article
Previous Story

GameStop to give $50 gift cards to Deus Ex 3 PC customers

Next Story

Cell carriers prep for Hurricane Irene

38 Comments

View more comments

Everyone should remember stuff like this when they hear companies that gladly work behind the scenes with Microsoft and take their advice talk smack about Microsoft in public.

Like the recent Google developers and CEO comments - Especially the one about Microsoft not innovating, when Chrome directly modeled the IE7 sandbox but without the OS security level model.

.

So this explains why Microsoft can not help it's own customers on their platform with problems with their own software and programs. They are to busy worried about other companies platforms. WOW! .

JSYOUNG571 said,
So this explains why Microsoft can not help it's own customers on their platform with problems with their own software and programs. They are to busy worried about other companies platforms. WOW! .

plz tell me this was sarcasm. if it wasn't, then you're a complete moron.

JSYOUNG571 said,
So this explains why Microsoft can not help it's own customers on their platform with problems with their own software and programs. They are to busy worried about other companies platforms. WOW! .

Wow. You're seriously going to take something positive like this and turn it negative? Totally unrelated comment is totally unrelated.

Whatever. Stop worrying about others and spend more time on your products. And yes, they may be "helping" other companies but if cannot help themselves and fix their stuff.

techbeck said,
Whatever. Stop worrying about others and spend more time on your products. And yes, they may be "helping" other companies but if cannot help themselves and fix their stuff.
That comment is just too ignorant to warrent an explnation explaining all the ways you are wrong.

Xerax said,
That comment is just too ignorant to warrent an explnation explaining all the ways you are wrong.

And I dont really care what the **** you think really. Your comment is a typical troll comment.

Dont like my comment, dont post. Simple as that really. I understand MS tests software to be compatible with their own ****. DUH. MS' own software alot of times doesnt work well with each other. Thats my point. Fix their own **** and let others work on their on DNR. Other companies are given access and rights to test MS software with their own.

Now, troll on

And again, dont like what I say. I dont give a ****.

Edited by techbeck, Aug 27 2011, 6:48pm :

techbeck said,
Whatever. Stop worrying about others and spend more time on your products. And yes, they may be "helping" other companies but if cannot help themselves and fix their stuff.

Ok, I'll bite. What Microsoft product is full of security holes that needs their attention?

Windows 7 - less holes than OS X

IE9 - less holes than Chrome, Firefox, and Safari

Office - less holes than Open Office (which is weird as Office has a complete programming environment.)

IIS - less holes than Apache

ASP.NET - less holes than PHP (Which is why IIS in 2008 R2 has a new way to integrate PHP and put a security wrapper around it.)

MSSQL - less holes than MySQL and even the old big dogs of databasess

XBox - less holes than PS3

WP7 - less holes than iOS and far less than Android
*WP7 even got attention this week by a few testing companies as the most stable smartphone OS.


So, I would be there with ya, if there were issues in Microsoft products, but this isn't 2002 or 1999, and Microsoft has a good handle on security that makes even the 'darling' companies appear to be lacking.

If you look at OS X Leopard & Snow leopard, there were more security hole patches by a factor of 20 to 1 than BOTH Vista and Windows 7, even including the extra six months Vista was on the market before Leopard. (This isn't a 'few more holes', this is a massive difference when you get into the 10 to 1 and 20 to 1 ratios.)

AMPSV said,
the pot calling the Kettle black
wow Microsoft just build bug proof software yourself

Constructive bug finding helps everyone and Microsoft should have been actively doing this a long time ago seeing as it tends to be 3rd party software causing the majority of instability in work places I have been apart of.

AMPSV said,

wow Microsoft just build bug proof software yourself

What do you think they're busy with? Other software was causing those bugs, what article were you reading?

AMPSV said,
the pot calling the Kettle black
wow Microsoft just build bug proof software yourself

Dude - MSFT invests massive amounts in their test departments. You are an ignorant troll.

AMPSV said,
the pot calling the Kettle black
wow Microsoft just build bug proof software yourself

I'll refer ya to my response in the post above yours. If Microsoft had issues, you might have a valid argument.

It tells me that you don't have respect for what Microsoft did with their security refocus, that did make things different, and also helped the entire industry, with what Microsoft has learned about security getting hit hard by exploits.

There was a time when Microsoft created their own security nightmares, and there was also the time when Microsoft was hit with attacks and exploits that we (security experts) didn't even realized were possible, that benefited everyone, because after Windows got smacked with new exploit concepts, Linux and OS X were able to go in and safeguard against the new concept of attack as well.

I do know you are trolling, but you could take this as an opportunity to go, well maybe I am still stuck in the Microsoft sucks mindset and it is time to let it go and see them for the good and bad that they are instead of my past illusion.

KingCrimson said,
classic case of throwing stones in glass houses. Shame MSFT Shame!!!!

Yea, nothing makes a company more irresponsible and evil than helping others out with defects and security problems.. So it would be better if Microsoft just burnt the consumer then? /s

The MSVR is just one team of many many in microsoft, why do ignorant people think they also work on building the operating system.

The canteen staff work for microsoft too, does that mean they have to teach you how to use a pc too?

Fact is, there will always be bugs and security issues, because it's an ever growing industry and technologies grow as do ways to use and abuse it, you either embrace it or hide in the attic.

Its funny how microsoft is reporting bugs found in other third party software when Microsoft has 100's of their own bugs on their operating system. Bads...

Syndicated8 said,
Its funny how microsoft is reporting bugs found in other third party software when Microsoft has 100's of their own bugs on their operating system. Bads...

Microsoft is THE most proactive company in the entire industry with regards to bugfixes and security patches. There really isn't any way to say it better than it has already been said in previous comments. This is a very good thing for the industry as a whole.

Commenting is disabled on this article.