Microsoft: 70 Percent of All Security Bugs Are Memory Safety Issues

More from: | Slashdot |
0

Around 70 percent of all the vulnerabilities in Microsoft products addressed through a security update each year are memory safety issues; a Microsoft engineer revealed last week at a security conference. From a report: Memory safety is a term used by software and security engineers to describe applications that access the operating system’s memory in a way that doesn’t cause errors. Memory safety bugs happen when software, accidentally or intentionally, accesses system memory in a way that exceeds its allocated size and memory addresses. Users who often read vulnerability reports come across terms over and over again. Terms like buffer overflow, race condition, page fault, null pointer, stack exhaustion, heap exhaustion/corruption, use after free, or double free — all describe

(...)

Read full article » http://rss.slashdot.org/~r/Slashdot/slashdot/~3/Eplnarj3Hzw/microsoft-70-percent-of-all-security-bugs-are-memory-safety-issues


About | Slashdot |

Slashdot was created in 1997 by Rob "CmdrTaco" Malda. Today it's owned by BIZX, LLC. Slashdot is run primarily by a handful of editors and coders, with the help of many others. As of April 2016, the Slashcode is wrangled and taunted by Drew ("SlashDrew") Kroft. The editors are Beau ("BeauHD") Hamilton, Manish ("manishs") Singh, David ("EditorDavid"), and Logan ("whipslash") Abbott.

»Twitter: @slashdot »Facebook: @slashdot