The implementation stage

Office automation solutions to improve rural migrant workers of office automation code review report results made MSEC (OACR office workers and the team to identify and product quality problems of code or prior to any penetration test before. This makes the team to direct their achievements of more value.

On the basis of the analysis of the external vulnerability in previous versions, and puts forward an improved version of office in the office and safeInt 2010.An improved version (2010) can improve the GS introducing visual studio in office development cycle is led by 2010, the three major elements regression problems without significant. By 2010, and this function was found in a future version integrated office. The office to prevent data execution by 2010 (department), first, if you are using the Windows of the office, SEHOP by 2010, prevent exploitation http://blogs.technet.com/srd/archive/2009/02/02/preventing-the-exploitation-of-seh-overwrites-with-sehop.aspx processor (structured exception).Additional risk, improve the place (tenant - in multi held by 2010 and stood script (hidden). The most important safety improvement scheme using a mixture of code access security sandboxing executive with a custom developing bunker. Additional alleviate cross station scripts used browser headers to force would be dangerous work contents and improve the downloaded scripts request permission.Review stage.From the beginning of fuzziness distributed development cycle continuously fuzzers refinement of use. This continuous efforts have become the biggest investment, improve the security of office in the office of the analyzer. Using distributed throughout the company, expand the fuzziness framework will now is the key factor of the SDL version. The number of fuzziness iteration for more than eight million by 2010 office in 400 iterative format in over 1800 correction. Besides the fuzziness and distributed file format framework used fine fuzziness and ActiveX control ship widely. By 2010.Automation infrastructure was installed in 2010, achieve the highest office verification tools (such as BinScope SDL) as part of the construction process. This makes the office of operation of these tools allow the team more frequent timely recognition and faster repair the problem.

Internal and external penetration test was conducted during the development cycle by 2010. The goal of high office in the design phase feature recognition, including several products in S.K.U client and server.Hope all of these efforts will more powerful and office 2010 will back some peace of mind, for the customer received the documents from untrusted sources.Besides, this essay, Microsoft has published a whitepaper several months ago in 2007 to help improve Microsoft office. You can find it in 2006