This document is part of the US-CERT website archive. These documents are no longer updated and may contain outdated information. Links may also no longer function. Please contact firstname.lastname@example.org if you have any questions about the US-CERT website archive.
Factual security-related knowledge that all engineers should be aware of.
Software defects with security ramifications, including implementation bugs and design flaws such as buffer overflows and inconsistent error handling, promise to be with us for years. Recurring patterns of software defects leading to vulnerabilities have been identified, and the BSI team is documenting detailed instructions on how to produce software without these defects.