Comment Not necessarily stack overflow (Score 1) 246
All I got from the article is that there is an "unspecified remote code-execution vulnerability". This doesn't necessarily mean a stack overflow. And while a 'stack canary' is a good security measure, it still doesn't protect against a stack overflow that overwrites local variables without touching the return address.
The reason I say this is that they may already be using these security measures. I know any version of Visual Studio that isn't prehistoric turns this feature (/GS) on by default.
The reason I say this is that they may already be using these security measures. I know any version of Visual Studio that isn't prehistoric turns this feature (/GS) on by default.
