Microsoft Adopts Rust to Boost Windows Security and Performance

upstart writes:

A complete reimplementation of decades-old code is out the of the question:

Historically, the vast majority of security issues encountered on the Windows platform have been memory-related bugs. Rust can provide a highly effective solution to this long-standing problem, and Windows programmers are well aware of its potential.

Although Rust is still a relatively recent programming language, Microsoft has already embraced the technology as one of the most promising upgrades for Windows core programming. Redmond's software engineers have been diligently rewriting crucial parts of the operating system in Rust, bringing significant improvements in both performance and security to the underlying code.

Rust is a fast, memory-efficient programming language created by Graydon Hoare while working at Mozilla, the first company to officially sponsor and adopt it for their experimental browser engine, Servo. As a typical compiled language, Rust offers native performance for various types of applications, including computer software, low-resource devices, and embedded appliances.

Aside from its performance, one of Rust's main attractions is the fact that the language was designed to provide memory safety from the outset, thereby eliminating many categories of bugs and potential vulnerabilities at compile time. Notably, memory safety bugs account for 70% of the CVE-listed security vulnerabilities fixed in Windows since 2006.

According to David "Dwizzle" Weston, VP of OS Security and Enterprise at Microsoft, some Rust code has been implemented in the Windows kernel already. Speaking at BlueHat IL 2023 in Tel Aviv, Israel, last month, Weston mentioned that Windows 11 could boot in Rust, even though the code's port is currently disabled and concealed behind a feature flag.

Read more of this story at SoylentNews.