Tontoman shares the following report: The White House Office of the National Cyber Director (ONCD) has urged technology companies to switch to memory-safe programming languages such as Rust to reduce the number of memory safety vulnerabilities and improve the security of their software. These vulnerabilities are coding errors or weaknesses in the software that can cause memory management issues when memory is accessed, written to, allocated, or deallocated. These occur when software accesses memory in an unintended or unsafe manner, resulting in buffer overflows, use after free, use of uninitialized memory, and double frees that attackers can exploit. This poses various security risks and issues.
Successful exploitation carries significant risks and could allow the threat actor to gain unauthorized access to data or execute malicious code with the privileges of the system owner. “For more than 35 years, these same types of vulnerabilities have plagued the digital ecosystem. The challenge of eliminating the entire software vulnerability class is urgent and complex. Looking to the future, this risk new approaches need to be adopted to mitigate this,” says the ONCD report. . “The most effective way to mitigate memory safety vulnerabilities is to protect programming languages, which are one of the building blocks of cyberspace. Memory safety programming languages allow you to avoid most memory safety errors. can be eliminated.”