Many of the vulnerabilities found in software are caused by memory-related coding bugs. Learn about an innovative technology that Microsoft developed to eradicate these bugs.
When Microsoft analyzed all the software vulnerabilities it had patched over the years, an interesting finding emerged: many of the vulnerabilities were due to memory-related bugs in programs written in the C and C++ languages. Wanting to do something about it, Microsoft began looking at ways to detect and eliminate these bugs. None of the existing solutions proved satisfactory, so the tech giant developed its own solution called InitAll.
Introducing InitAll
To understand how InitAll works, it helps to know a bit about initialization in C and C++ code.
In the C and C++ programming languages, objects known as variables are used to hold data. Variables need to be initialized — in other words, assigned an initial value — before being used. It is the developers’ responsibility to make sure their variables are initialized correctly, as there are no enforcement mechanisms built into the C and C++ languages. When developers don’t get it right, there can be instances of uninitialized memory in the programs, which can make the software vulnerable to cyberattacks.
Microsoft found that 5% to 10% of the vulnerabilities it patched in 2017 and 2018 were due to uninitialized memory bugs. To eradicate them, the software giant developed InitAll. This technology automatically initializes certain types of variables to zero when C and C++ code is compiled. For example, it initializes scalars and arrays of pointers but not volatile variables or arrays containing anything other than pointers. InitAll does not initialize variables that have already been assigned a value in their declaration.
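As an added illustration (not code from Microsoft or from the original article), the C sketch below shows the scalar case described above: a length variable that one code path never assigns, next to the same function with the zero value that compile-time initialization would supply. The message types and function names are made up for the example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum { MSG_PING = 1, MSG_DATA = 2 };    /* constructed message types */

/* Writes *len only for known types; otherwise returns -1 and leaves it untouched. */
static int payload_len(int type, size_t src_len, size_t *len)
{
    switch (type) {
    case MSG_PING: *len = 0;       return 0;
    case MSG_DATA: *len = src_len; return 0;
    default:       return -1;      /* *len not written */
    }
}

/* Before: the return value is ignored, so for an unknown type 'n' still
 * holds whatever the stack slot last contained. That stale value becomes
 * a copy length and can read past the end of 'src'. */
size_t copy_payload_unsafe(int type, const char *src, size_t src_len,
                           char *dst, size_t dst_cap)
{
    size_t n;                           /* uninitialized scalar */
    payload_len(type, src_len, &n);
    if (n > dst_cap) n = dst_cap;
    memcpy(dst, src, n);
    return n;
}

/* After: the explicit "= 0" stands in for automatic zero-initialization.
 * The ignored error is still a defect, but the missed path copies nothing. */
size_t copy_payload_zeroed(int type, const char *src, size_t src_len,
                           char *dst, size_t dst_cap)
{
    size_t n = 0;
    payload_len(type, src_len, &n);
    if (n > dst_cap) n = dst_cap;
    memcpy(dst, src, n);
    return n;
}

int main(void)
{
    char dst[8] = "";
    size_t n = copy_payload_zeroed(99, "secret", 6, dst, sizeof dst);
    printf("unknown type copied %zu bytes\n", n);
    return 0;
}
```

The unsafe variant is only well defined when called with a known message type; calling it with any other type reads an indeterminate value.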
Phased Implementation
Microsoft is taking a phased approach in rolling out the InitAll technology. Windows 10 Version 1903, which was released in May 2019, was the first Windows version to ship with InitAll enabled in some of its components, including its kernel-mode and Hyper-V code. Those areas were selected because of their history of having uninitialized memory bugs in their stack memory.
“Now that we’ve successfully rolled the technology out to the highest priority targets, we can shift our focus to the rest of our code,” said Joe Bialek, a member of the Microsoft Security Response Center (MSRC) Vulnerabilities & Mitigations team. Besides enabling InitAll in all Windows 10 code, Microsoft plans to expand the technology’s capabilities so that it can be used to initialize all types of allocations (e.g., all types of arrays).
InitAll Is Having an Impact
Although InitAll has not been in circulation that long, there are already indications that it will help eliminate uninitialized memory bugs. “Since shipping InitAll to the world, we’ve had multiple vulnerability reports submitted to MSRC that did not reproduce on the latest versions of Windows due to InitAll,” said Bialek. “This effectively downgrades the vulnerabilities from ‘security bugs’ to ‘code defect that currently has no negative impacts’. This means we no longer need to ship a security update for the in-market operating systems that have the mitigation installed, saving customers patching pain and Microsoft servicing pain.”