Home > Articles > Programming > Windows Programming

  • Print
  • + Share This
From the author of

Prevention of Buffer Overruns

The problem of buffer overruns is a major security challenge today. Hackers have been exploiting buffer overruns for years. For example, in November, 2000, there was a known vulnerability in Microsoft's Network Monitor (NetMon) in which a buffer overrun could cause some serious security problems. If someone sent malformed data on the segment where the administrator was monitoring the network using NetMon, it could cause a buffer overrun. In some cases, it could simply fail NetMon, which is not a big deal, as you could simply restart NetMon. However, in other cases, it could have resulted in running the sender's code on the administrator's computer, in the administrator's security context. Obviously, this could be disastrous. Microsoft released a security patch to fix the problem.

In Windows .NET, Microsoft decided to implement buffer overrun checking in the Visual C compiler used for Windows .NET. In addition, they've also taken other steps to analyze the code for buffer overruns. With these precautionary measures, hopefully Windows .NET servers will be less vulnerable to buffer overrun attacks.

  • + Share This
  • 🔖 Save To Your Account