When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Microsoft responds to Cigital allegations

I was surfing Ms Visual Studio .Net website and came accross a link to

this response to Cigital.

To: BugTraq

Subject: In response to alleged vulnerabilities in Microsoft Visual C++

security checks feature

Date: Feb 14 2002 3:50PM

Author: Brandon Bray

To be clear, the security check feature introduced in the Microsoft Visual C++ .NET compiler is NOT vulnerable. The allegation that applications compiled with Visual C++'s /GS switch some how expose themselves to more attacks is unfounded and patently false.

The Cigital press release itself says it, "This security feature is meant to protect potentially vulnerable source code automatically from _some_ forms of buffer overflow attacks." The expectation is right there, some forms of buffer overflow attacks can evade the compiler injected security checks. This understanding makes the following

statement in the Cigital press release questionable:

"The protection afforded by the new feature allows developers to continue to use vulnerable string functions such as strcpy() as usual and still be "protected" against some forms of stack smashing.'

What is quite distressing though is that the Cigital press release strays from a solid understanding of /GS and changes its position, later saying "Note that the new feature is meant to protect any program compiled with the 'protected' compiler feature." Unfortunately, this is far from the truth and never the intention of the /GS feature.


Brandon Bray

Visual C++ Compiler Team

Read Complete Text Here

News source: Security Focus

Report a problem with article
Next Article

Neowin News - Article positions filled

Previous Article

Biromsoft Calculator 2.05