What has security firms worried the most? Web browsers? Wireless access points? QuickTime? As far as SANS is concerned, the biggest security concern
is one of the most commonly used productivity suites in the world – Microsoft Office.
According to SANS, alongside web applications, Office ranks among the biggest security concerns for a variety of reasons. In the latest SANS report, they cite developers using poor coding techniques that leave them open to security flaws, such as with data exchange between a client PC and a remote server. Office was cited as having a 300% increase in vulnerabilities discovered between 2006 and 2007, many of which were due to Microsoft Excel.
The fault isn't just in the software – obviously, at some point users have to make the choice to open documents that might be untrustworthy. User education can only go so far, however. SANS has several reccomendations for protection, though ultimately it is in the development stage of software that determines how secure it is.