Microsoft Office Security Team Enlists Bots, Pen Tests

Nov 8, 2006
26,287
48
48
freesteam.net
#1
Storm, Srizbi, and... Microsoft? Microsoft’s Office application security team actually runs its own internal botnet, which, among other things, “fuzzes” for vulnerabilities in Office applications.

Microsoft’s botnet isn’t anywhere near the size of Srizbi (over 300,000 bots at last count) nor any of the other mega-botnets -- it’s just a couple of thousand machines located in Microsoft’s automation lab. But Tom Gallagher, senior security test lead for Microsoft Office, says the internal botnet is a key tool in rooting out new vulnerabilities in Office by simulating the wildly popular fuzzing technique used by attackers.

View Full Article: Dark Reading