Experts from more than 30 U.S. and international cyber-security organizations jointly released a consensus list of the 25 most dangerous programming errors that lead to security bugs and cyber-crime.
The impact of these programming errors is significant. Just two of these errors resulted in more than 1.5 million website security breaches during 2008. These breaches allowed malicious software to take control of the computers that visited those web sites, turning their computers into zombies that committed further cyber-crimes.
Shockingly, most programmers do not understand or look for these errors. Colleges rarely teach programming students how to avoid these errors. And most software companies don’t explicitly test for these errors before releasing their products.