February 15, 2002
Security flaw found in new .NET developer tool
Author: JT Smith
NewsFactor Network writes: "An information security firm has reported that a component of Microsoft's just-released Visual Studio .NET programming tool kit contains a security flaw. Microsoft's Visual C++ .NET, the latest incarnation of the company's highly touted signature developers' tool, appears to be vulnerable to buffer overflow attacks, despite efforts on the part of Microsoft's development team to update a mechanism to plug the hole. According to officials at Cigital, the consulting firm that discovered the vulnerability, Microsoft may have implemented a process that is susceptible to attack in compilers used with Linux."