Archive for the 'Bug consequences' Category

Citect takes five months to fix security hole

Thursday, June 12th, 2008

Citect was notified of a buffer overflow bug in their remote plant management systems in January 2008 and has only just released a fix, writes TechNewsWorld:

“The problem is a classic example of buffer overflow from the ’90s,” Core Security CTO Ivan Arce told TechNewsWorld. “It’s not a very sophisticated thing, [which] makes it surprising.”

The flaw was first found in January, but Core Security says it was not corrected until just a few days ago.

“This could have been done better — especially on such a critical software,” Arce told TechNewsWorld. “It’s not somebody’s FTP server. It’s software that is critical and should be addressed in a more timely manner.”


Bug causes financial risk to be underestimated

Wednesday, June 4th, 2008

ZDNet reports that the credit rating agency Moody’s incorrectly gave a risky investment its top rating:

Computerworld UK quotes Ralph Silva, senior analyst at financial services advisory firm Tower Group, regarding rating agencies’ lackadaisical attitude toward technology management:

“Ratings agencies never put sufficient emphasis on their technology resources,” he said. In spite of technology playing a key part in ratings decisions, “they simply haven’t felt getting technology right was important enough to business processes, unlike banks”.
