The Department of Homeland Security has released an updated list of errors that may cause significant vulnerabilities in software.
TheÂ Common Weakness Enumeration list featuresÂ 25 errors that frequently occur and may critically affect software, DHS said Tuesday.
TheÂ Homeland Security Systems Engineering and Development Institute updated CEW after eight years of the list remaining unchanged. DHS’ Science and Technology Directorate and nonprofit company Mitre manage HSSEDI.
The updated list recognizes “improper restriction of operations within the bounds of a memory buffer” as the new top error that threatens a software’s resiliency.
âEliminating weaknesses prior to software entering the marketplace is an important step in reducing the attack surface which better protects everybody, anywhere in the world,â saidÂ Chris Levendis, CWE project leader.