CNET is running a nice article which essentially talks about all the things that database vendors are doing to sell security in their products. It will take a while before mature products come out which will address this issue in a more realistic way.

Microsoft, two days ago, announced that it has stepped up its fight against software piracy by requiring users to verify their copies of the Windows operating system. Anyone downloading updates for Windows XP will be required to check that their operating system is genuine.

According to this link, by modifying the URL, once can override this check before downloading updates. Basically by modifying a hidden variable, it can all be bypassed. Classic case of missing input validation.

So much for MS taking security seriously.

Welcome to Secuprise blog. Tune in for latest in security, industry news etc.