Buffer overflows seem to be one of the most intractable problems in computer security. Despite the research and learned papers on the subject, buffer overflow attacks seem to be as popular – and as successful – as they ever were.
The chaos and destruction a buffer overflow can cause can be disastrous if not dealt with at the earliest opportunity, but systems developers seem hard pressed to build in suitable defences against them.
While it may be difficult to prevent buffer overflow attacks altogether, it is still possible to limit the threat, and also contain the damage an exploit can inflict, according to Parvez Anwar and Andreas Fuchsberger.
They have been researching the subject and have produced new insights into the problem and how it can be tackled effectively. Their ideas are outlined in a detailed article, "Buffer Overflows in a Windows Environment" (see below for .pdf), that we are publishing on SearchSecurity.co.uk as part of our 2009 series featuring the best new MSc theses from graduates from the Information Security department of Royal Holloway University of London (RHUL).
The article provides a detailed explanation of how these buffer overflow attacks work in the first place, and then goes on to provide practical help in mitigating the potential damage.
As the authors point out, the threat of the buffer overflow will be with us for many years to come. But they propose several techniques that developers can use to avoid serious damage.
Read Buffer overflows in a Windows environment (.pdf) by Parvez Anwar and Andreas Fuchsberger.
SearchSecurity's association with RHUL began last year when we published 12 articles from RHUL's MSc graduates. These were widely appreciated for their new ideas and relevance to security problems. We believe the 2009 series is equally wide-ranging and thought-provoking.
This was first published in June 2009