Mark Russinovich (huge brained Microsoft internals whiz) has posted an interesting article detailing how he has found that independent software vendors are still writing basically insecure code. What makes this scary is that he found several major security software vendors were included in his findings. He hasn’t named names for the obvious reasons … I suspect he’s probably contacted them directly and his reputation in this business makes him a man to be seriously listened to.