Risks Digest recently had a couple of items about buffer overflows. I can remember when Windows people used to point out that Unix programs were fraught with buffer overflows, back when the buffer overflows in every suid root program were getting explointed left and right. The fact is that people hadn’t even begun delving into buffer overflows in Windows applications yet. Because pretty much everything that runs under Windows is privileged, we’re going to see literally hundreds of buffer overflow exploits for Windows apps before it’s all said and done.