Season 1 · Episode 7

AAAAAAAAAAAAAAA! You Overflowed My Integer! with George Hughey and Rohit Mothe

Rohit Mothe, Senior Security Researcher at Microsoft, and Windows Security professional George Hughey join Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. In this episode, they discuss integer overflow bugs, how they can be nuanced and often confused with other bug categories, why accurately classifying these bugs is crucial for developing effective strategies to fix them at scale, and examples of high-profile vulnerabilities caused by integer overflow.&nbsp;&nbsp;&nbsp;In This Episode You Will Learn:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<ul><li>The challenges of accurately identifying integer overflow bugs&nbsp;</li><li>How developers can proactively prevent integer overflow vulnerabilities in their code&nbsp;</li><li>Why not all integer overflows are malicious and also necessary for certain applications&nbsp;&nbsp;</li></ul>&nbsp;Some Questions We Ask:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<ul><li>What is an integer overflow?&nbsp;</li><li>How can developers mitigate the risk of integer overflow vulnerabilities?&nbsp;</li><li>What are some examples of high-profile exploits based on integer overflow vulnerabilities?&nbsp;</li></ul> Resources:&nbsp;&nbsp;&nbsp;<a href="https://www.linkedin.com/in/rohit-mothe-0a047728/" rel="noopener noreferrer" target="_blank">View Rohit Mothe on LinkedIn</a>&nbsp;<a href="https://www.linkedin.com/in/ghughey/" rel="noopener noreferrer" target="_blank">View George Hughey on LinkedIn</a>&nbsp;<a href="https://www.linkedin.com/in/wendyzenone/" rel="noopener noreferrer" target="_blank">View Wendy Zenone on LinkedIn</a>&nbsp;<a href="https://www.linkedin.com/in/nicfill/" rel="noopener noreferrer" target="_blank">View Nic Fillingham on LinkedIn</a>&nbsp;&nbsp;Follow George on <a href="https://twitter.com/ecthr0s" rel="noopener noreferrer" target="_blank">Twitter</a>&nbsp;Follow Rohit on <a href="https://twitter.com/rohitwas?lang=en" rel="noopener noreferrer" target="_blank">Twitter</a>&nbsp;&nbsp;Discover and follow other Microsoft podcasts at<a href="https://news.microsoft.com/podcasts/" rel="noopener noreferrer" target="_blank"> microsoft.com/podcasts</a>&nbsp;&nbsp; <hr> Hosted on Acast. See <a style='color:grey;' target='_blank' rel='noopener noreferrer' href='https://acast.com/privacy'>acast.com/privacy</a> for more information.

The BlueHat Podcast · Microsoft

July 12, 202345m 8s

Audio is streamed directly from the publisher (traffic.megaphone.fm) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.

Original episode page

Show Notes

Rohit Mothe, Senior Security Researcher at Microsoft, and Windows Security professional George Hughey join Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. In this episode, they discuss integer overflow bugs, how they can be nuanced and often confused with other bug categories, why accurately classifying these bugs is crucial for developing effective strategies to fix them at scale, and examples of high-profile vulnerabilities caused by integer overflow.

In This Episode You Will Learn:

The challenges of accurately identifying integer overflow bugs
How developers can proactively prevent integer overflow vulnerabilities in their code
Why not all integer overflows are malicious and also necessary for certain applications

Some Questions We Ask:

What is an integer overflow?
How can developers mitigate the risk of integer overflow vulnerabilities?
What are some examples of high-profile exploits based on integer overflow vulnerabilities?

Resources:

View Rohit Mothe on LinkedIn

View George Hughey on LinkedIn

View Wendy Zenone on LinkedIn

View Nic Fillingham on LinkedIn

Follow George on Twitter

Follow Rohit on Twitter

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Hosted on Acast. See acast.com/privacy for more information.

← All episodes of The BlueHat Podcast