This is an unqualified good idea.

Now let's see how Microsoft implements it.



Visual Studio 2005 will introduce new C runtime library routines

It’s no secret that some C runtime library routines are much more secure than other routines, simply based on what they're supposed to do. It’s also true that some bugs and vulnerabilities exist even in what appear to be safe routines.

Michael Howard, a Microsoft senior security engineer, recently outlined an ongoing project that intends to make C much safer. The first result of the project is strsafe.h, the Visual Studio .NET 2003 and Platform SDK string functions Microsoft introduced in 2002. (I'll provide more details about strsafe.h in a future column.)

Microsoft’s Visual C++ team is taking the steps I suggest that developers follow: The team is evaluating the security of C runtime library functions. However, they're going far beyond what individual developers could do; for instance, they've rewritten about 400 routines to make them more secure.

The new C functions will debut in Visual Studio 2005, and a few functions will improve older code simply by recompiling. But, as Howard wisely points out, it takes more than improved libraries to make most code secure; it also requires attention to using the most secure functions and practices.

Posted by Prometheus 6 on April 12, 2004 - 10:13pm :: Tech