This topic contains information on recommended security tools and practices. Using these resources and tools doesn't make applications immune from attack, but it makes successful attacks less likely.
C++ Security Features
This section discusses security features that are built into the C++ compiler and linker.
The /GS (Buffer Security Check) compiler option, which is on by default, instructs the compiler to inject overrun detection code into functions that are at risk of being exploited. When an overrun is detected, execution is halted.
The /SAFESEH linker option, which is not enabled by default, instructs the linker to include in the output image a table containing the address of each exception handler. At runtime, the operating system uses this table to ensure that only legitimate exception handlers are executed. This helps prevent the execution of exception handlers introduced by a runtime hacker attack.
The /analyze compiler option, which is not enabled by default, activates code analysis that reports potential security issues such as buffer overruns, uninitialized memory, null pointer dereferences, and memory leaks. See for more information.
For Visual C++ 2005, the C Runtime Library (CRT) has been augmented with secure versions of functions that pose security risks (the unchecked strcpy string-copy function, for example). The older, insecure versions of these functions are now deprecated, so their use results in compile-time warnings. Programmers are strongly encouraged to use the secure versions of these CRT functions rather than suppress these compilation warnings. See for more information.
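The contract that distinguishes the secure CRT functions from their unchecked counterparts is that the caller passes the destination buffer's capacity and the call fails cleanly instead of writing past the end. The following is an added, portable illustration of that contract (it is not the CRT's own strcpy_s and not code from this page); the function name bounded_strcpy and the error-code convention are assumptions chosen for the example.

```cpp
#include <cerrno>
#include <cstddef>
#include <cstring>

// Portable stand-in (assumption, not the CRT's strcpy_s) for the "secure"
// string-copy contract: the destination capacity is an explicit argument,
// and the copy refuses to overrun it.
// Returns 0 on success, EINVAL for a null pointer or zero capacity, and
// ERANGE when src plus its terminator does not fit. On failure the
// destination is left as an empty string so callers never read stale bytes.
int bounded_strcpy(char* dst, std::size_t dst_size, const char* src) {
    if (dst == nullptr || dst_size == 0) return EINVAL;
    if (src == nullptr) { dst[0] = '\0'; return EINVAL; }
    std::size_t len = std::strlen(src);
    if (len >= dst_size) {           // need room for len bytes plus '\0'
        dst[0] = '\0';
        return ERANGE;
    }
    std::memcpy(dst, src, len + 1);  // copy the terminator too
    return 0;
}

// Typical caller: the fixed-size buffer and its capacity travel together,
// which is the pattern the deprecated, size-less strcpy cannot enforce.
struct Greeting {
    char name[16];
};

// Returns true when the name was stored, false when it was rejected as too
// long (constructed usage; the struct and function are example-only).
bool set_name(Greeting& g, const char* name) {
    return bounded_strcpy(g.name, sizeof g.name, name) == 0;
}
```

The example keeps the unchecked version off the page on purpose: the only change a caller needs is to pass the capacity, and the return code is where the overrun that strcpy would have silently performed now surfaces.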
With checked iterators, users of the standard C++ library container classes are notified of attempts to access elements outside the bounds of a container. See for more information.
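Checked iterators are a Visual C++ feature, but the same failure mode can be shown with the bounds-checked accessor every conforming standard library provides. The example below is added here (not code from this page) and uses std::vector::at(), which throws std::out_of_range instead of reading past the end; checked_get and sum_window are assumed helper names for the demonstration.

```cpp
#include <cstddef>
#include <stdexcept>
#include <vector>

// Reads element i of v through the bounds-checked accessor. Returns true and
// stores the value when i is in range; returns false, leaving out untouched,
// when the library rejects the access with std::out_of_range.
bool checked_get(const std::vector<int>& v, std::size_t i, int& out) {
    try {
        out = v.at(i);   // at() verifies i < v.size(); operator[] would not
        return true;
    } catch (const std::out_of_range&) {
        return false;
    }
}

// Sums the window [start, start + count) of v. If any index in the window is
// out of bounds the whole request is refused (total reset to 0) rather than
// partially served from memory beyond the container.
bool sum_window(const std::vector<int>& v, std::size_t start,
                std::size_t count, long& total) {
    total = 0;
    for (std::size_t k = 0; k < count; ++k) {
        int x = 0;
        if (!checked_get(v, start + k, x)) {
            total = 0;
            return false;
        }
        total += x;
    }
    return true;
}
```

With unchecked access the second case would silently read whatever follows the vector's storage; the checked path turns that into a detectable, testable rejection.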
Code Analysis for Managed Code
Code Analysis for Managed Code, also known as FxCop, is a tool that checks assemblies for conformance to the Microsoft .NET Framework Design Guidelines. FxCop analyzes the code and metadata within each assembly to check for defects in the following areas:
Code Analysis for Managed Code is included in Visual Studio Team System, and can also be downloaded at
Windows Application Verifier
Available as part of the Application Compatibility Toolkit, the Application Verifier (AppVerifier) is a tool that can help developers identify potential application compatibility, stability, and security issues.
The AppVerifier works by monitoring an application's use of the operating system, including the file system, registry, memory, and APIs, while the application is being run. The tool then provides guidance for source-code level fixes of the issues it uncovers.
The verifier lets you:
Test for potential application compatibility errors caused by common programming mistakes.
Examine an application for memory-related issues.
Determine an application's compliance with various requirements of the Designed for Windows XP or Certified for Windows Server™ 2003 Logo Programs.
Identify potential security issues in an application.
The Windows Application Verifier is available at .
.NET Framework Security Features
This section gives an overview of two related .NET Framework security features.
Describes the .NET Framework security system and how it interfaces with application code.
Describes guidelines and tools for adjusting .NET Framework security policies.
Windows User Accounts
Using Windows user accounts that belong to the Administrators group exposes developers and, by extension, customers to security risks. See Running as a Member of the Users Group for more information.