As expected, after the code leak there have already been some bugs discovered which just goes to show how bug infested MS code probably is. If it was released to the open world, a lot more audting could be done and the code would be a lot better.
The first bug was discovered some time ago, but a working exploit was not produced or not released anyway. Days after the source appeared and started to quickly spread a proof of concept exploit was released. The other bug found affects bitmap processing code in IE 5 & some versions of Outlook Express, a working exploit has also been released.
Since MS releases the source code to selected partners and such, maybe they should just do everyone a favour and release it to everyone. Or more people at least, so a proper audit can take place which would make things a lot better.
Bugs, some very complicated to reproduce can still be discovered even with closed source. The debate about closed source being more secure, via security through obscurity is pointless - as proven by these latest events.
I'm sure there will be more to come...
Thanks for signing in, . Now you can comment. (sign out)
(If you haven't left a comment here before, you may need to be approved before your comment will appear.)