Security is a never-ending game of leapfrog as attackers work out ways around our defenses and we defenders constantly update defenses.
At Microsoft, we always try to chose the most appropriate way to place one or more defenses; some defenses are in the Windows operating system, and some are in the compiled code. One well known defense in Visual C++ is /GS <http://msdn.microsoft.com/en-us/library/8dbf701c.aspx>, which adds random data to a function’s stack to make it harder to successfully pull off various forms of stack-based buffer overrun, and in Visual C++ 2010, we have upgraded the /GS heuristics substantially.
Rather than explain it all here, the Security Research & Defense <http://blogs.technet.com/srd> team has written an excellent article <http://blogs.technet.com/srd/archive/2009/03/20/enhanced-gs-in-visual-studio-2010.aspx> explaining how /GS is improved in VC++ 2010.
It’s important to remember that /GS is just one SDL-mandated facet to help secure code:
- Run with least privilege
- Use Address Space Layout Randomization
- Use NX (aka DEP)
- Use safe exception handling
- Remove banned APIs and replace them with safer APIs
- Fuzz the code
- Much more…