Study: 'Huge jump' in Microsoft flaws since last year

The number of security holes found in Microsoft software between 2006 and 2007 has risen threefold, says vulnerability-scanning company Qualys.

The past year has seen a massive increase in the number of flaws found in Microsoft software, according to vulnerability-scanning company Qualys.

Between 2006 and 2007, there was an almost threefold rise in Microsoft flaws, Qualys said on Wednesday.

"We have seen a huge jump in the vulnerabilities in Microsoft Office products," said Amol Sawate, manager of Qualys' vulnerability-management lab. "These charts show growth of nearly 300 percent from 2006 to 2007, primarily in new Excel vulnerabilities that can easily be exploited by getting unsuspecting users to open Excel files sent via e-mail and instant message."

Alan Paller, director of research for the Sans Institute, a computer-security training organization, said that the reason more vulnerabilities were being found was that it was becoming increasingly profitable for crooks to target the software.

"It isn't that Microsoft isn't doing a better jo b," Paller said. "The reason (is that) it is so lucrative to find vulnerabilities in Excel and Word, so there are a lot of (hackers) searching for them."

Microsoft declined to comment for this story.

Tom Espiner of ZDNet UK reported from London. CNET News.com's Ina Fried contributed to this report from San Francisco.

Featured Video
6
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

As Xbox One gets a little sweeter, HoloLens gets Xbox Live

Microsoft announces new features coming to Xbox One, including the ability to record TV shows. Also, the company opens up Xbox Live to HoloLens programmers.

by Bridget Carey