November 28, 2001
Microsoft's .NET security promise challenged
Author: JT Smith
Kelly McNeill writes "Foundstone Inc. and CORE Security Technologies released a joint white paper Monday entitled "Security in the Microsoft .NET Framework," which asserts that "the managed code architecture of the .NET Framework provides a compelling solution to the problem of software application security." The report went on to say that the .NET Framework offers software developers and IT administrators "granular security control" by offering them clear-cut ways in which to implement robust cryptographic, authentication, and authorization practices while plugging holes caused by buffer overflows. The white paper said that IT administrators and software developers would relieve end users of having to make crucial security judgments when the framework is used. Microsoft appeared to be vindicated by the report. However, according to news sources, it was commissioned by the company."