Buffer overflows are primarily caused by the widespread popularity of the
C programming language,
which heavily promotes them by design and by the traditional absence of compile-time buffer overflow checking tools. (
Purify and
Electric Fence are examples).
In Unix, who needs viruses? We have C.