Microsoft mulling major changes to ward off .ANI-type flaws
How did the super-critical animated cursor (.ani) vulnerability get past all the strict code review, fuzz testing and other defense-in-depth mitigations built into Windows Vista? Michael Howard has the answer and he's sharing it with us...