This specification relates to malware protection software.
Malware is any kind of malicious software such as, for example, a computer virus, spyware, and malicious active content. Malware can spread via infected email attachments, shared files, or malicious websites. Malware can also spread inconspicuously via link files that cause malicious activities to be performed, such as downloading malware.
Malware propagates through a variety of different means, including exploiting known vulnerabilities existing in running programs. Some of these exploits include buffer overflow attacks, which allow an attacker to overwrite a portion of memory by writing more information to a buffer than the program is programmed to handle.
While buffer overflow attacks may be used to execute any code the attacker adds into the buffer, historically, buffer overflow attacks have been used to propagate self-replicating malware. For example the Code Red worm, which defaced Internet Web pages, and the SQL slammer, which launched a denial of service attack, used a buffer overflow to infect web servers.