As you know doubt have heard Juridian, I had the fortunate opportunity to work in a place that quite liked the loose write it as needed document nothing style of code development. That being said, the little development I was able to push properly I adopted the extreme style of programming. IMO, Neither development methodology promotes security more than the other. It falls to your individual developers to handle that as they are doing development. Security considerations should be a constant thing in development, not a step in the process, but rather a key piece of the entire process, considered in each step, from analysis to design to development to implementaiton.

The MSF, while being quite a structured development methodology, does not necessarily increase the security potential of any application merely by adding proper code review stages and such. It essentially falls to the approach you favour. The Extreme development methodology does not necessarily lend itself to be more vulnerable, and were you to read in that there is little code review, one might expect that indeed, more bugs could be present. While that may be the case, the MSF is being presented under the dubious distinction of a company itself that has been plagued by bugs and vulnerabilities. If we are to infer that Microsoft has indeed followed similar steps and procedures beforehand, it appears that indeed contrary to what should be the case, code review steps are not sufficient for eliminating or vastly limited application bugs.

A code review is really only as good as the programmer doing the review, and depends largely on their understanding of the code they are reviewing. Simple development flaws can be picked up by a code review, anything ranging from typographical errors to overflowable buffers. What generally can't be picked up in a code review is flawed application design. This is not the fault of the reviewer, but rather a simple truth that a reviewing developer needs a complete understanding of how the application or portion of the application is intended to function, and what the needs are. Indeed, this can be a minor detail in overall application design, but a flaw -- even an extraordinarily minute one -- could present numerous vulnerabilities.

From that, I would put forth this analysis: Neither methodology lends itself to writing more secure software, as that is a consideration that every developer must take into account in their code development.

Definitely an interesting point for debate.