IE will be more secure when Sun fix Java bug 6545701

November 11th, 2008 - 6:01PM

One of the most common security vulnerabilities in Windows software is the buffer overrun exploit. It works by feeding a well crafted data stream into a program that uses a stack based buffer without correctly checking the length of the data stream. By writing past the end of the buffer the overwrite can: Store malicious assembler instructions in the stack’s memory pages Change the current function’s return address on the stack so that the malicious instructions are executed instead of the original calling code hwne the function returns. This technique for injecting code can be used to take control of the current process and possibly the … Continue reading →