US National Security Agency published The report with analysis the risks of vulnerabilities caused by errors when working with memory, such as an appeal to the memory area after its release and exit beyond the buffer. Organizations are recommended, if possible, to get away from the use of programming languages, such as SI and SI ++ that shift the memory management into the developer, in favor of languages that provide automatic memory management or perform checks of safe memory working during compilation.
Among the recommended languages that can reduce the risk of errors caused by unsafe memory work are named C#, Go, Java, Ruby, Rust and Swift. An example is the statistics of the companies microsoft And Google, in accordance with which about 70% of vulnerabilities in their software products are caused by unsafe memory work. If it is impossible to migrate to safer languages, organizations advise strengthening protection using additional compile options, tools to identify errors and set up operating systems that complicate the operation of vulnerabilities.