Does anyone have any thoughts on how to prevent malware attacks on standalone applications. Let's say this is a program on a Windows machine connected to the internet, this is the most common scenario.
I'm also wondering what type of attacks are possible. I believe .NET will do some type of static check on the code before it runs it, using a type of checksum. This would detect a statically attached malicious code snippet. Can this be gotten around?
What about dynamically injected code. Separate program spaces prevent this to some degree. What about infecting data files? Is it safer to store data in a database and only use service calls no file operations?
What about memory usage techniques to increase security? I know it's not a standalone case, but, the problem with DNS server corruption had to do with a predictable use of, I think, IP addresses. Should memory usage be made more unpredictable?