If you can apply testing for the top five vulnerabilities, you can make your code 80 percent more secure.

We're never going to secure the Net if we don't air and criticize vulnerabilities.

We, like many other federations, were not 100 percent happy with the code, but for the sake of harmonization and loyalty and to move the code forward we sort of compromised, all of us.

[One of the two critical vulnerabilities in the bulletin is within the Microsoft Distributed Transaction Coordinator (MSDTC), code that's used to coordinate any sort of transaction on multiple servers, such as database queries.] It's a service used primarily in enterprises, ... You don't see it much on smaller-scale servers or desktops.

Three of the vulnerabilities can launch malicious code that allows an attacker to snoop on users. The other vulnerability is a DOS attack that will only work in a few cases and crash the media player when it tries to open a file.

I'm in that, I guess, top 2 percent or something.