Abstract
The most important security benefit of software memory safety is easy to state: for C and C++ software, attackers can exploit most bugs and vulnerabilities to gain full, unfettered control of software behavior, whereas this is not true for most bugs in memory-safe software. Fortunately, this security benefit -- most bugs don't give attackers full control -- can be had for unmodified C/C++ software, without per-application effort. This doesn't require trying to establish memory safety; instead, it is sufficient to eliminate most of the combinatorial ways in which software with corrupted memory can execute. To eliminate these interleavings, there already exist practical compiler and runtime mechanisms that incur little overhead and need no special hardware or platform support. Each of the mechanisms described here is already in production use, at scale, on one or more platforms. By supporting their combined use in development toolchains, the security of all C and C++ software against remote code execution attacks can be rapidly, and dramatically, improved.