Google emphasizes the importance of memory safety in software development, noting that 70% of severe vulnerabilities are due to memory safety bugs. By adopting memory-safe languages like Java, Python, and Rust, along with tools like sanitizers and fuzzers, Google aims to prevent security vulnerabilities at scale. Through initiatives like OSS-Fuzz and bug detection tooling, Google actively works to reduce memory safety vulnerabilities in C and C++ codebases, while also retrofitting safety measures in existing code
Their approach includes transitioning to memory-safe languages, like Rust, and enhancing security boundaries through isolation techniques and bug detection tools. The long-term strategy involves integrating memory-safe languages into Google's codebases, while containing risks in memory-unsafe code, ultimately aiming to achieve memory safety at scale for a safer digital ecosystem. http://security.googleblog.com/2024/10/safer-with-google-advancing-memory.html