Articles > Government magazines > Computers and Media magazines > The Online Reporter articles > January-March 2002 > Monday, February 25

Article: VC++.NET Compiler Called "Vulnerability Seeder".(Cigital warns of flaw in Microsoft's Visual C++.NET compiler)

Article from:
The Online Reporter
Article date:
February 25, 2002
Copyright

A software risk management consultancy by the name of Cigital claims the protection mechanism in Microsoft's Visual C++.NET compiler is vulnerable to attack.

The mechanism is called /GS and is there to handle buffer overflows, the cause of a lot of Microsoft's security woes.

Cigital warns against using it. It claims /GS resembles a piece of third-party widgetry called StackGuard and it takes a dim view of StackGuard. "The StackGuard mechanism makes a poor efficiency/security tradeoff, especially as implemented in Microsoft's compiler," it says.

Microsoft claims /GS has nothing to do with StackGuard.

Cigital took impetus from a white ...

Read all of this article with a FREE trial

Related newspaper, magazine, and journal articles:

No articles like the one above were found.

 
 
Newsweek Harper's Magazine The Washington Post Chicago Tribune Crain's Chicago Business PRNewswire Pediatric News The Nation Advertising Age The Economist (US) A FREE trial gives you access to over 80 million articles! Access over 6,500 publications with a FREE trial!

Find articles, research, and archives