US authorities: ‘Buffer overflow vulnerabilities in code are inexcusable’


The FBI and CISA are calling on programmers to stop shipping code that contains buffer overflow vulnerabilities.

In a recent security advisory, the US authorities warn of the danger of such flaws in products from Microsoft and VMware, among others.

Avoiding old programming languages

The U.S. cybersecurity agency (CISA) says software developers should adopt secure development practices and avoid insecure programming languages.

A buffer overflow occurs when software writes more data to a region of memory than was reserved for it, overwriting the memory beyond it. Attackers can abuse this to take over or crash the software.

The FBI and CISA stress that buffer overflow errors can be avoided by no longer using outdated programming languages such as C and C++. They recommend switching to more secure languages such as Rust, Go and Swift. Manufacturers are advised to create a phased transition plan and better secure existing codebases.
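As an added illustration (not taken from the advisory or from this article), the C code below puts the flaw described above next to a bounds-checked version of the kind used to secure an existing C codebase. The `account` struct, `NAME_CAP` and all function names are hypothetical, and the input string is constructed.

```c
#include <stdio.h>
#include <string.h>

#define NAME_CAP 16   /* constructed buffer size for this example */

/* Hypothetical record: is_admin sits right after the buffer, so bytes
 * written past name[] land on it. */
struct account {
    char name[NAME_CAP];
    int  is_admin;
};

/* Flawed: strcpy copies until the source's NUL and ignores NAME_CAP.
 * Any src longer than NAME_CAP - 1 characters overflows name[]. */
void set_name_unchecked(struct account *a, const char *src) {
    strcpy(a->name, src);
}

/* How many bytes the unchecked copy would write past the end of name[]. */
size_t bytes_past_end(const char *src) {
    size_t need = strlen(src) + 1;            /* characters plus NUL */
    return need > NAME_CAP ? need - NAME_CAP : 0;
}

/* Hardened: measure first, refuse input that does not fit, and leave
 * the record untouched on failure. Returns 0 on success, -1 otherwise. */
int set_name_checked(struct account *a, const char *src) {
    size_t len = 0;
    while (len < NAME_CAP && src[len] != '\0')
        len++;
    if (len == NAME_CAP)
        return -1;                            /* no room for the NUL */
    memcpy(a->name, src, len + 1);
    return 0;
}

int main(void) {
    struct account acct = { "guest", 0 };
    const char *input = "AAAAAAAAAAAAAAAAAAAAAAAA";   /* constructed, 24 chars */

    printf("unchecked copy would write %zu bytes past the buffer\n",
           bytes_past_end(input));
    printf("checked copy returns %d, name=%s, is_admin=%d\n",
           set_name_checked(&acct, input), acct.name, acct.is_admin);
    return 0;
}
```

Languages such as Rust, Go and Swift perform the equivalent of the length check on every access, which is why the advisory's recommendation removes this class of error rather than relying on each call site to get it right.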
