NSA issues guidance on how to prevent software memory security issues > National Security Agency/Central Security Service > Article

Fort Medea, MD – The National Security Agency (NSA) today published guidance to help software developers and operators prevent and mitigate software memory security issues, which include several exploitable vulnerabilities.

of “Software Memory Security” Cyber ​​Security Fact Sheet It highlights how malicious cyber actors can exploit poor memory management issues to gain access to confidential information, declare unauthorized code execution, and cause other adverse effects.

“Memory manipulation issues have been used for decades and are still very common today,” said Neil Ziering, Cybersecurity Technical Director. To avoid these vulnerabilities from malicious cyber actors, we must consistently use memory-safe languages ​​and other safeguards when developing software.

Microsoft and Google each state that software memory security issues are behind 70 percent of their vulnerabilities. Poor memory management can also lead to technical issues, such as incorrect program outputs, program performance degradation over time, and program crashes.

The NSA recommends that organizations use memory-safe languages ​​whenever possible, and to strengthen protection with code-enhancement defenses such as compiler options, device options, and operating system configurations.

Read the full report here.

Visit our full library for more cybersecurity information and technical guidance.


We offer you some site tools and assistance to get the best result in daily life by taking advantage of simple experiences