In context: Common memory safety bugs can lead to dangerous security vulnerabilities such as buffer overflows, uninitialized memory, type confusion, and use-after-free conditions. Attackers can exploit these bugs to compromise entire operating systems, steal users' data, or run malicious code on the vulnerable systems. Most importantly, these type of bugs are the most prevalent in shipping software today.
The issues with memory safety have become a serious concern for the world's most important intelligence and cyber-security agencies commonly known as the Five Eyes. A new paper jointly released by the US Cybersecurity and Infrastructure Security Agency (CISA), NSA, FBI, and other security agencies from Australia, Canada, UK, and New Zealand, is calling for a massive switch to new and effective memory safety coding standards.
These vulnerabilities represent a major problem for the software industry, CISA states, as they force manufacturers to release non-stop security updates customers will have to apply to their software. MSLs that are "safe by design" would eliminate memory safety vulnerabilities, therefore software manufacturers should move away from C, C++ and other "vulnerable" languages to quickly adopt Rust, C#, Go, Java, and other modern coding platforms.
Microsoft acknowledged that memory safety bugs account for 70% of the CVE-listed security vulnerabilities fixed in Windows since 2006, and Google provided a similar figure (67%) for zero-day vulnerabilities discovered in the Chromium project in 2021 alone.
Aptly called The Case for Memory Safe Roadmaps, the new document is intended to promote memory safety programming among C-Suite executives and technical experts. Software companies must hasten their transition to memory safety programming languages (MSLs) to eliminate memory safety flaws, CISA and Five Eyes agencies say, establishing their own memory safety roadmaps to inform customers and the public about the ongoing transition.
Memory safety vulnerabilities are the most prevalent type of disclosed software bugs, CISA says. They are a class of well-known and common coding errors that both malicious actors and adversarial intelligence agents routinely exploit.
Rust is gaining popularity among software companies, and industry giants like Microsoft, the Linux community, and Google are converting many parts of their massive codebases to the new security-focused language. CISA and the other agencies are now urging "senior executives" at every software company to reduce risks for customers, prioritizing design and development practices that will effectively implement MSLs for both new and existing codebases.
In recent years, technology leaders like Mark Russinovich have already pushed for a mass migration from C and C++ to Rust, but not everyone agrees. Bjarne Stroustrup, who created C++, said that proper programming practices can provide type and memory safety in "classic" languages, too. Stroustrup also noted that even Rust code can be written unsafely.