Microsoft has just announced that there are security flaws in the Active Template Library (ATL). While many developers will think that this only applies to C programmers and while to some extent they are correct I think it is important to take a lesson from this issue. Micheal Howard has posted a very informative post to the MSDN Security blog that I think is well worth the read for all developers (not just C and C++ programmers).

Too many organizations think that they can ignore code once it has been written, but the price of secure code (like freedom) is constant vigilance.