The Department of Homeland Security has released an updated list of errors that may cause significant vulnerabilities in software.
The Common Weakness Enumeration list features 25 errors that frequently occur and may critically affect software, DHS said Tuesday.
The Homeland Security Systems Engineering and Development Institute updated CEW after eight years of the list remaining unchanged. DHS' Science and Technology Directorate and nonprofit company Mitre manage HSSEDI.
The updated list recognizes "improper restriction of operations within the bounds of a memory buffer" as the new top error that threatens a software's resiliency.
“Eliminating weaknesses prior to software entering the marketplace is an important step in reducing the attack surface which better protects everybody, anywhere in the world,” said Chris Levendis, CWE project leader.