Author | Bruno Couriol; Translator | Ma Kewei; Editor | Tina
Microsoft Azure Chief Technology Officer Mark Russinovich recently delved into the key factors driving the adoption of the Rust programming language at the Rust Nation UK conference. He showcased the results of applying Rust through real-world examples from Microsoft products and elaborated on how to leverage generative AI to accelerate the ongoing migration from C/C++ to Rust.
The initial motivation for adopting Rust stemmed from a comprehensive analysis of security vulnerabilities. Russinovich stated:
It all started with our examination of the long-standing issues with C/C++… According to statistics from the Microsoft Security Response Center over the past decade, 70% of security issues stem from improper memory operations in C++. As attackers continue to target these vulnerabilities, this trend persists, leading to numerous security incidents.
Other tech giants and security agencies have reached similar conclusions. A report from Google’s Project Zero security research team indicated that out of 58 zero-day vulnerabilities discovered in the wild that year, 39 (67%) were memory corruption vulnerabilities. Memory corruption vulnerabilities have consistently been a major attack vector for software, both in the past and present. Mozilla estimated years ago that if the style components of Firefox were rewritten in Rust, 74% of security vulnerabilities could have been avoided. In fact, Rust’s creator, Graydon Hoare, pointed out in an early Rust-related talk at the Firefox annual summit in 2010 that C++ is unsafe in almost every aspect; it lacks ownership mechanisms, has no concurrency control, and cannot even guarantee const immutability.
Microsoft’s Secure Future Initiative is directly related to two state-sponsored cyber attack incidents, and Russinovich stated that the initiative aims to expand the application of memory-safe languages. Microsoft recently donated $1 million to the Rust Foundation to support the focused development of the Rust language and its core projects.
Russinovich detailed specific cases of Rust adoption in Microsoft products. In the Windows operating system, Rust is used in safety-critical software, including firmware development (Project Mu), kernel components, cryptographic libraries (such as rustls and symcrypt support), and auxiliary components (like DirectWrite Core).
In the Office suite, Rust has been utilized in certain performance-sensitive areas. The semantic search algorithm implemented in Rust on CosmosDB and PostgreSQL has been confirmed to outperform its C++ counterpart in terms of performance and memory efficiency, providing significant advantages for large-scale vector searches.
With the Azure division mandating the discontinuation of C++ for new system code, Rust has been applied in several pieces of Azure-related software. Caliptra is an industry collaboration project focused on secure cloud server firmware, with its critical firmware components entirely written in Rust and open-sourced. Azure Integrated HSM is a new self-developed security chip set to be deployed in all new servers starting in 2025, with its firmware and client libraries written in Rust to ensure the highest security standards for cryptographic key management. Russinovich also mentioned that projects like Azure Boost proxy, Hyper-V (Microsoft’s virtualization platform), the recently open-sourced cross-platform modular virtual machine monitor OpenVMM, and Hyperlight are partially or fully implemented in Rust.
Feedback from Microsoft developers regarding Rust has generally been positive, but there are also negative comments. On the positive side: developers report that Rust code, once it compiles, usually runs as expected, which significantly speeds up development iterations; reduced development friction increases the motivation to write tests; developers’ awareness of memory management pitfalls has notably increased; the Rust ecosystem and the Cargo package manager are highly regarded for dependency management; although performance improvement is not the primary goal, performance gains are often observed in practice; data race-related concurrency errors have significantly decreased; and the number of vulnerabilities caused by memory safety issues has dropped dramatically.
Negative feedback primarily focuses on: interoperability with C++ remains challenging; the initial learning curve for Rust is considered too steep; dynamic linking implementation poses challenges; reliance on certain unstable Rust features raises concerns; integrating Cargo into large enterprise build systems requires additional investment; even with Rust, implementing safe Foreign Function Interfaces (FFI) remains challenging; and toolchain support is still perceived as lacking compared to other languages.
Russinovich further elaborated on Microsoft’s efforts to accelerate the migration of C/C++ legacy code to Rust. One key area of focus is verified cryptographic libraries: first formally verifying C code, then translating it into safe Rust code (see the paper “Formal Compilation from C to Safe Rust”). Microsoft is also exploring the use of large language models for automated code conversion.
In conclusion, Russinovich reaffirmed Microsoft’s strong commitment to Rust and emphasized the increasingly mature ecosystem and scale of adoption of Rust:
There will always be those who question whether there is a better new programming language than Rust that is also easier to use. My response to that is: when will it truly be ready? It took us about ten years of development before we felt Rust was mature enough. The maturity of a language and its toolchain takes a long time, and the Rust toolchain is still being continuously improved. Any new language that wants to challenge Rust’s position at this stage must overcome a very high barrier. Therefore, I believe there is nothing that can replace Rust in the short term… We are 100% committed to the development of Rust.
It is recommended to watch the full presentation video on YouTube, which contains a wealth of valuable practical cases, technical analyses, and live demonstrations.
Rust Nation UK is a multi-track technology conference focused on the Rust language and its community development, held annually at The Brewery in London, offering carefully curated workshops, technical talks, and educational courses for developers of all levels.