How can you make sure a crash in your program is not exploitable? The short answer is simple: assume every crash is exploitable and just fix it!
In the November issue of MSDN Magazine, Adel Abouchaev, Damien Hasse, Scott Lambert, and Greg Wroblewski outline some best practices for analyzing program crashes to uncover possible security problems, with a focus on various kinds of access violations. They will enumerate the common hardware and software exceptions you might encounter when looking at these types of issues, and offer some general guidelines you can use during such an investigation.
For more security articles and columns in MSDN Magazine, subscribe to the security RSS feed today.
Microsoft, MSDN, Security, Vulnerability, Exploit, Application Crash, Guide, Book, Magazine