You know how annoying patches can be, right? Windows will auto update at the drop of a hat, dragging you out of a game at a crucial moment and forcing a restart without a by your leave. Or sometimes it’ll ask and then still ignore you anyway. Smug [email protected]$t. And why does it need this constant sticking plaster of software patches? Because of system memory.
And it doesn’t matter whether it’s the cheapest stick of bare, green PCB Crucial RAM, or the latest $3,000 192GB kit Corsair is shipping out for that overclockable Intel Xeon. Memory, or memory safety, is reportedly the main reason for over 70% of the bug fixes that Microsoft engineers have to roll out for its software. Because of the way that Windows has been written as an OS, an errant code slip here, or a missed character there, could result in memory security exploits for a nefarious actor to use and gain access to a host of different machines.
This revelation came from Microsoft engineer, Matt Miller, talking at an Israel security conference, where he explained to the audience how memory safety bugs could be exploited, and how over the past 12 years at Microsoft 70% of all the patches the company released were to fix such memory bugs.
The surprising stat was highlighted in a report over at Fudzilla, and goes on to explain the problem is a result of the Windows operating system being written mostly in C and C++. Because those programming languages afford a developer such fine-grain access and control of the memory addresses – where code can live and be executed – it’s relatively easy to accidentally introduce a memory bug.
NAND or RAM: Get the tech lowdown with our PC glossary guide
These security bugs can allow a dodgy piece of software to then use the memory bug to execute commands and gain access to system memory which can give it a greater pool of RAM to work with or change where the code is executed.
This can lead to remotely activated software giving hackers control of systems, and this is seemingly what a vast percentage of all Microsoft’s software patches are aimed to squeezing out.
It’s always bloody memory. If your PC has crashed, or is refusing to boot, nine times out of ten it’s the damned RAM. And now it seems that most of those unbidden updates and restarts are all down to memory too.