Memory error exploitations have been around for over 25 years and still rank among the top 3 most dangerous software errors. Why haven’t we been able to stop them? Given the host of security measures on modern machines, are we less vulnerable than before, and can we expect to eradicate memory error problems in the near future? In this paper, we present a quarter century worth of memory errors: attacks, defenses, and statistics. A historical overview provides insight in past trends and developments, while an investigation of real-world vulnerabilities and exploits allows us to answer on the significance of memory errors in the foreseeable future.
|Title of host publication||15th International Symposium on Research in Attacks, Intrusions and Defenses (RAID)|
|Publication status||Published - 12 Sept 2012|