'Huge jump' in Microsoft flaws since last year

Summary:The number of security holes found in Microsoft software between 2006 and 2007 has risen threefold, says vulnerability-scanning company Qualys

The past year has seen a massive increase in the number of flaws found in Microsoft software, according to vulnerability-scanning company Qualys.

Between 2006 and 2007, there was an almost threefold rise in Microsoft flaws, Qualys said on Wednesday.

"We have seen a huge jump in the vulnerabilities in Microsoft Office products," said Amol Sawate, manager of Qualys's vulnerability-management lab. "These charts show growth of nearly 300 percent from 2006 to 2007, primarily in new Excel vulnerabilities that can easily be exploited by getting unsuspecting users to open Excel files sent via email and instant message."

Alan Paller, director of research for the Sans Institute, a computer-security training organisation, said that the reason more vulnerabilities were being found was that it was becoming increasingly profitable for crooks to target the software.

"It isn't that Microsoft isn't doing a better job," Paller said. "The reason [is that] it is so lucrative to find vulnerabilities in Excel and Word, so there are a lot of [hackers] searching for them."

Microsoft could offer no comment at the time of writing.

Topics: Security

About

Tom is a technology reporter for ZDNet.com, writing about all manner of security and open-source issues.Tom had various jobs after leaving university, including working for a company that hired out computers as props for films and television, and a role turning the entire back catalogue of a publisher into e-books.Tom eventually found tha... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.