Memory corruption – WindowsTechs.com

Google Sees Drop in Memory Safety Bugs in Android as Code Matures

Posted on September 26, 2024 by Ionut Arghire

Memory safety bugs in Android have decreased significantly as old code matures and new code uses memory-safe languages.
The post Google Sees Drop in Memory Safety Bugs in Android as Code Matures appeared first on SecurityWeek.
Continue reading Google Sees Drop in Memory Safety Bugs in Android as Code Matures→

Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws

Posted on September 9, 2024 by Ryan Naraine

Google’s adoption of memory safe programming languages now includes the deployment of Rust in legacy low-level firmware codebases.
The post Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws appeared first on SecurityWeek.
Continue reading Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws→

Memory corruption vulnerabilities in Suricata and FreeRDP

Posted on August 22, 2024 by Dmitry Shmoylov, Evgeny Legerov, Denis Skvortsov

While pentesting KasperskyOS-based Thin Client and IoT Secure Gateway, we found several vulnerabilities in the Suricata and FreeRDP open-source projects. We shared details on these vulnerabilities with the community along with our fuzzer. Continue reading Memory corruption vulnerabilities in Suricata and FreeRDP→

US Gov Says Software Measurability is ‘Hardest Problem to Solve’

Posted on February 27, 2024 by Ryan Naraine

White House calls for the “timely, complete, and consistent” publication of CVE and CWE data to help solve the security metrics problem.
The post US Gov Says Software Measurability is ‘Hardest Problem to Solve’ appeared first on SecurityWeek.
Continue reading US Gov Says Software Measurability is ‘Hardest Problem to Solve’→

Adobe Patches Code Execution Flaws in Substance 3D Stager

Posted on January 9, 2024 by Ryan Naraine

Patch Tuesday: Adobe patches six security flaws in the Substance 3D Stager product and warned of code execution risks on Windows and macOS.
The post Adobe Patches Code Execution Flaws in Substance 3D Stager appeared first on SecurityWeek.
Continue reading Adobe Patches Code Execution Flaws in Substance 3D Stager→

Critical SOCKS5 Vulnerability in cURL Puts Enterprise Systems at Risk

Posted on October 11, 2023 by Ryan Naraine

Flaw poses a direct threat to the SOCKS5 proxy handshake process in cURL and can be exploited remotely in some non-standard configurations.
The post Critical SOCKS5 Vulnerability in cURL Puts Enterprise Systems at Risk appeared first on SecurityWeek.
Continue reading Critical SOCKS5 Vulnerability in cURL Puts Enterprise Systems at Risk→

Mozilla Firefox 73 Browser Update Fixes High-Severity RCE Bugs

Posted on February 12, 2020 by Lindsey O'Donnell

The release of Firefox 73 fixed high-severity memory safety bugs that could cause arbitrary code execution and missing bounds check that could enable memory corruption. Continue reading Mozilla Firefox 73 Browser Update Fixes High-Severity RCE Bugs→

Microsoft looks to Rust language to beat memory vulnerabilities

Posted on December 4, 2019 by John E Dunn

Microsoft is pressing ahead with an ambitious plan to de-fang common vulnerabilities hiding in old Windows code with the help of Rust. Continue reading Microsoft looks to Rust language to beat memory vulnerabilities→

Microsoft looks to Rust language to beat memory vulnerabilities

Posted on December 4, 2019 by John E Dunn

Amazon Kindle, Embedded Devices Open to Code-Execution

Posted on November 7, 2019 by Tara Seals

Flaws in Das U-Boot affect third-party hardware that uses the universal bootloader as an underlying component. Continue reading Amazon Kindle, Embedded Devices Open to Code-Execution→