• When newer isn’t more secure, or better


    Susan Bradley

    By Susan Bradley

    It’s a dirty little secret in software — when new code is added to existing code, it doesn’t always result in a more secure system.

    Let me give you a specific example. Recently, Microsoft announced that there had been targeted attacks against ten organizations using fully patched Exchange servers. To gain access, the attackers needed rights on the server.

    That meant they had already employed a successful phishing attack.

    Read the full story in our Plus Newsletter (19.41.0, 2022-10-10).