Are there any known methods that can be used to make your software immune to viruses? To be more specific, the development is done in .NET. Is there anything built into .NET that would help with this? I had someone specifically ask me about this and I did not have the slightest clue.
Update: Immunity in this situation would mean immune to exploitation. At least I believe that’s what the person asking the question to me wanted to know.
I realize this is an extremely open ended question and that software development is way off from being at a point where it software developed can really be immune to viruses.
When you say immune to viruses, do you mean immune to exploitation? I think any software being immune to viruses is some way off for any development platform.
In general, there are two important activities that lead to secure software
inherent design of a system allow an
attacker to control the host machine. However, a secure design won’t protect against insecure coding.
importantly, don’t trust user input. However, secure coding won’t protect against an insecure design.
There are several features of .NET that help reduce the liklihood of exploitation.
allocation and destruction. This helps prevent exploitable heap corruption.
.
vulnerable to stack overflows in the
same way as the normal x86 execution
model. Arrays are allocated on the
heap.