Another link about the kid that may be responsible.
It seems like Microsoft is crowing about the $5mil they put up to catch the Sasser Worm creator – the reward worked! Imagine how different it would be if they actually spent $5mil in software development instead of locking the barn door afterwards?
Nahh…why spend $5mil in development when you can spend $5mil in marketing a crappy product and make more money?
Jeez – I learned about buffer overflows 30 years ago, and MS is still selling software with these flaws?
Try turning on Microsoft’s built-in firewall – it will keep the worm from working, allowing you to get the updates.
Sadly, buffer overflows appear in software at all levels of quality. Even Sun’s Solaris is riddled with buffer overflows waiting to be discovered. Some companies even resort to higher level “buffer overflow protection” software that checks for such things at run time.
Secondly, a seemingly unrelated bug can cause a buffer overflow that shouldn’t happen. “Hey, this loop is only going to be executed x times so I’ll make the array size x.” 4000 lines of code away is something that makes it loop x+1 times when the last day of the month is a Friday.
The fact of the matter is that 99% of all programmers are bad at it and even the good ones have off days.
Ftg, I come down kinda hard on MS or any software developer that seems to be ignorant of what was taught in Computer Science decades ago, or what was well-known by hackers going back to when bytes were only bits.
Buffer overflows can happen by accident anywhere in software, but they are very simple to prevent and devastating if ignored. In some languages, merely turning on a switch, perhaps at compile time, enables data length checking for all variables and storage areas with no additional attention by the programmer. It would be very time-consuming to handle each storage area individually, and there is no need to.
If such an automatic feature is not available, there are two simple ways to prevent this nasty – whenever data is being stored at any RAM location, check for valid range. If you have put aside 64 bytes for some variable, any attempt to store more than 64 bytes, or any attempt to index into the variable as an array past the end or before the beginning should trigger an exception.
I have never taught a formal computer science class, but an exercise in data storage and buffer length checking would certainly be part of any class I would design, for the same reason as learning about number bases – decimal, hex, octal, binary. It’s fundamental to the concept.
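As an added illustration of the two checks described above (refuse a store longer than the space set aside, and refuse an index past the end or before the beginning), and of the “loop runs x+1 times” bug from earlier in the thread, here is a small C example. It is not code from this thread; the 64-byte capacity matches the post, while the type and function names (bounded_buf, bounded_store, bounded_set, fill_records and the demo_* helpers) are constructed for the example.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* The storage area "put aside" for a variable: 64 bytes, as in the post. */
#define BUF_CAPACITY 64

typedef struct {
    unsigned char data[BUF_CAPACITY];
    size_t len;            /* number of bytes currently stored */
} bounded_buf;             /* constructed type name */

enum store_result { STORE_OK = 0, STORE_TOO_LONG = -1, STORE_BAD_INDEX = -2 };

/* Check 1: a whole-block store. Anything longer than the capacity is refused
   before a single byte is written, so data[] can never be overrun here. */
int bounded_store(bounded_buf *buf, const unsigned char *src, size_t n) {
    if (n > BUF_CAPACITY) return STORE_TOO_LONG;
    memcpy(buf->data, src, n);
    buf->len = n;
    return STORE_OK;
}

/* Check 2: an indexed store. A signed index lets us catch "before the
   beginning" (negative) as well as "past the end". */
int bounded_set(bounded_buf *buf, long idx, unsigned char v) {
    if (idx < 0 || (size_t)idx >= BUF_CAPACITY) return STORE_BAD_INDEX;
    buf->data[idx] = v;
    if ((size_t)idx >= buf->len) buf->len = (size_t)idx + 1;
    return STORE_OK;
}

/* The "array sized for x iterations" scenario: the iteration count is decided
   somewhere else in the program. Because every write goes through the checked
   store, an unexpected extra iteration is reported, not silently written past
   the end of the array. */
int fill_records(bounded_buf *buf, int iterations) {
    for (int i = 0; i < iterations; i++) {
        int rc = bounded_set(buf, i, (unsigned char)(i & 0xff));
        if (rc != STORE_OK) return rc;   /* first out-of-range write stops the loop */
    }
    return STORE_OK;
}

/* Demo helpers (constructed): each builds its own buffer and returns the
   result code, so a caller can see exactly which check fired. */
int demo_store(size_t n) {
    bounded_buf b = {{0}, 0};
    unsigned char src[128];             /* constructed input, larger than the buffer */
    memset(src, 'A', sizeof src);
    if (n > sizeof src) return STORE_TOO_LONG;  /* never read past our sample input */
    return bounded_store(&b, src, n);
}

int demo_set(long idx) {
    bounded_buf b = {{0}, 0};
    return bounded_set(&b, idx, 0x41);
}

int demo_fill(int iterations) {
    bounded_buf b = {{0}, 0};
    return fill_records(&b, iterations);
}

int main(void) {
    printf("store 64 bytes      -> %d (expect %d)\n", demo_store(64), STORE_OK);
    printf("store 65 bytes      -> %d (expect %d)\n", demo_store(65), STORE_TOO_LONG);
    printf("index -1            -> %d (expect %d)\n", demo_set(-1), STORE_BAD_INDEX);
    printf("index 63            -> %d (expect %d)\n", demo_set(63), STORE_OK);
    printf("loop x times (64)   -> %d (expect %d)\n", demo_fill(64), STORE_OK);
    printf("loop x+1 times (65) -> %d (expect %d)\n", demo_fill(65), STORE_BAD_INDEX);
    return 0;
}
```

The point of routing every write through bounded_store or bounded_set is the one the post makes: the programmer decides the capacity once, and the check travels with the storage area rather than having to be remembered at each of the hundreds of places that write to it.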