70% of Microsoft security vulnerabilities stem from memory errors

At the BlueHat security conference in Israel over the weekend, a Microsoft engineer revealed that, over the past 12 years, memory errors have accounted for about 70% of the patches Microsoft has released to fix security issues.

Memory safety is the term used to describe applications that access operating system memory in accordance with the system's rules and do not cause errors. When software (inadvertently or intentionally) accesses system memory beyond the addresses it was given or beyond the allowed limits, security vulnerabilities result.

The reason is that the majority of Windows source code is written in C and C++. Both of these programming languages allow programmers to take direct control of the memory addresses their code uses, so they are considered "memory unsafe". A single small mistake in the programmer's memory management code can produce a whole series of memory safety errors. Attackers can take advantage of these errors to execute code remotely or elevate privileges, with dangerous consequences.
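The kind of small mistake described above, as an added example that is not Microsoft's code or part of the original article: a parser for a constructed message format (one length byte followed by a name) that trusts the length, next to a version that checks it against both the input and the destination buffer. All names here (`struct record`, `parse_unchecked`, `parse_checked`) are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define NAME_MAX_LEN 16

struct record {
    char name[NAME_MAX_LEN];  /* fixed-size destination buffer */
    int  is_admin;            /* adjacent field an overflow could clobber */
};

/* Unsafe: trusts the length byte. A length above NAME_MAX_LEN writes past
 * name[] (buffer overflow); a length above the bytes actually supplied
 * reads past the input (out-of-bounds read). Shown for contrast only. */
void parse_unchecked(struct record *r, const uint8_t *msg, size_t msg_len)
{
    (void)msg_len;                      /* never consulted: that is the bug */
    memcpy(r->name, msg + 1, msg[0]);
}

/* Checked: validates the declared length against the input and the
 * destination before touching memory. Returns 0 on success, -1 on reject. */
int parse_checked(struct record *r, const uint8_t *msg, size_t msg_len)
{
    if (r == NULL || msg == NULL || msg_len < 1)
        return -1;
    size_t n = msg[0];
    if (n > msg_len - 1)                /* would read beyond the input */
        return -1;
    if (n >= NAME_MAX_LEN)              /* would write beyond name[] (room for NUL) */
        return -1;
    memcpy(r->name, msg + 1, n);
    r->name[n] = '\0';
    return 0;
}

int main(void)
{
    /* Constructed input: declares 40 name bytes but carries only 2. */
    const uint8_t lying[] = { 40, 'h', 'i' };
    struct record r = { "", 0 };
    /* Exit status 0 means the malformed message was rejected. */
    return parse_checked(&r, lying, sizeof lying) == -1 ? 0 : 1;
}
```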

At present, memory errors are among the flaws that hackers exploit most. The most common include heap corruption vulnerabilities and use-after-free (allowing bad guys to attack after users interact with malware).

Chart: the number of vulnerabilities not related to memory safety (light blue) compared with the number of memory safety vulnerabilities (dark green), by year patched (horizontal axis).

Memory safety vulnerabilities include:

  1. Buffer overflow.
  2. Race condition - Multiple threads accessing the same data / resources.
  3. Page fault - Memory page error.
  4. Null pointer.
  5. Stack exhaustion - Depletion of the stack memory area.
  6. Heap exhaustion / corruption - Depletion / corruption of heap memory.
  7. Use after free or double free - Allows remote code execution if users interact with malicious content.