diff --git a/toolkit/components/maintenanceservice/maintenanceservice.cpp b/toolkit/components/maintenanceservice/maintenanceservice.cpp
--- a/toolkit/components/maintenanceservice/maintenanceservice.cpp
+++ b/toolkit/components/maintenanceservice/maintenanceservice.cpp
@@ -147,18 +147,18 @@ GetLogDirectoryPath(WCHAR *path)
  * @param  path      The out buffer to store the log path of size MAX_PATH + 1
  * @param  basePath  The base directory where the calculated path should go
  * @param  logNumber The log number, 0 == updater.log
  * @return TRUE if successful.
  */
 BOOL
 GetBackupLogPath(LPWSTR path, LPCWSTR basePath, int logNumber)
 {
-  WCHAR logName[64];
-  wcscpy(path, basePath);
+  WCHAR logName[64] = { L'\0' };
+  wcsncpy(path, basePath, sizeof(logName) / sizeof(logName[0]) - 1);
   if (logNumber <= 0) {
     swprintf(logName, sizeof(logName) / sizeof(logName[0]),
              L"maintenanceservice.log");
   } else {
     swprintf(logName, sizeof(logName) / sizeof(logName[0]),
              L"maintenanceservice-%d.log", logNumber);
   }
   return PathAppendSafe(path, logName);
diff --git a/toolkit/components/maintenanceservice/serviceinstall.cpp b/toolkit/components/maintenanceservice/serviceinstall.cpp
--- a/toolkit/components/maintenanceservice/serviceinstall.cpp
+++ b/toolkit/components/maintenanceservice/serviceinstall.cpp
@@ -382,20 +382,21 @@ SvcInstall(SvcInstallAction action)
 
         // We rename the last 3 filename chars in an unsafe way.  Manually
         // verify there are more than 3 chars for safe failure in MoveFileExW.
         const size_t len = wcslen(serviceConfig.lpBinaryPathName);
         if (len > 3) {
           // Calculate the temp file path that we're moving the file to. This 
           // is the same as the proper service path but with a .old extension.
           LPWSTR oldServiceBinaryTempPath = 
-            new WCHAR[wcslen(serviceConfig.lpBinaryPathName) + 1];
-          wcscpy(oldServiceBinaryTempPath, serviceConfig.lpBinaryPathName);
+            new WCHAR[len + 1];
+          memset(oldServiceBinaryTempPath, 0, (len + 1) * sizeof (WCHAR));
+          wcsncpy(oldServiceBinaryTempPath, serviceConfig.lpBinaryPathName, len);
           // Rename the last 3 chars to 'old'
-          wcscpy(oldServiceBinaryTempPath + len - 3, L"old");
+          wcsncpy(oldServiceBinaryTempPath + len - 3, L"old", 3);
 
           // Move the current (old) service file to the temp path.
           if (MoveFileExW(serviceConfig.lpBinaryPathName, 
                           oldServiceBinaryTempPath, 
                           MOVEFILE_REPLACE_EXISTING | MOVEFILE_WRITE_THROUGH)) {
             // The old binary is moved out of the way, copy in the new one.
             if (!CopyFileW(newServiceBinaryPath, 
                            serviceConfig.lpBinaryPathName, FALSE)) {
@@ -672,26 +673,26 @@ SetUserAccessServiceDACL(SC_HANDLE hServ
     LocalFree(sid);
     return lastError;
   }
 
   // Lookup the account name, the function fails if you don't pass in
   // a buffer for the domain name but it's not used since we're using
   // the built in account Sid.
   SID_NAME_USE accountType;
-  WCHAR accountName[UNLEN + 1];
-  WCHAR domainName[DNLEN + 1];
+  WCHAR accountName[UNLEN + 1] = { L'\0' };
+  WCHAR domainName[DNLEN + 1] = { L'\0' };
   DWORD accountNameSize = UNLEN + 1;
   DWORD domainNameSize = DNLEN + 1;
   if (!LookupAccountSidW(NULL, sid, accountName, 
                          &accountNameSize, 
                          domainName, &domainNameSize, &accountType)) {
     LOG_WARN(("Could not lookup account Sid, will try Users.  (%d)",
               GetLastError()));
-    wcscpy(accountName, L"Users");
+    wcsncpy(accountName, L"Users", UNLEN);
   }
 
   // We already have the group name so we can get rid of the SID
   FreeSid(sid);
   sid = NULL;
 
   // Build the ACE, BuildExplicitAccessWithName cannot fail so it is not logged.
   EXPLICIT_ACCESS ea;
diff --git a/toolkit/components/maintenanceservice/workmonitor.cpp b/toolkit/components/maintenanceservice/workmonitor.cpp
--- a/toolkit/components/maintenanceservice/workmonitor.cpp
+++ b/toolkit/components/maintenanceservice/workmonitor.cpp
@@ -340,17 +340,17 @@ ProcessSoftwareUpdateCommand(DWORD argc,
                 GetLastError()));
     }
     return FALSE;
   }
 
   // Verify that the updater.exe that we are executing is the same
   // as the one in the installation directory which we are updating.
   // The installation dir that we are installing to is installDir.
-  WCHAR installDirUpdater[MAX_PATH + 1] = {L'\0'};
+  WCHAR installDirUpdater[MAX_PATH + 1] = { L'\0' };
   wcsncpy(installDirUpdater, installDir, MAX_PATH);
   if (!PathAppendSafe(installDirUpdater, L"updater.exe")) {
     LOG_WARN(("Install directory updater could not be determined."));
     result = FALSE;
   }
 
   BOOL updaterIsCorrect;
   if (result && !VerifySameFiles(argv[0], installDirUpdater, 
diff --git a/toolkit/mozapps/update/common/pathhash.cpp b/toolkit/mozapps/update/common/pathhash.cpp
--- a/toolkit/mozapps/update/common/pathhash.cpp
+++ b/toolkit/mozapps/update/common/pathhash.cpp
@@ -109,17 +109,18 @@ CalculateRegistryPathFromFilePath(const 
     filePathLen--;
   }
 
   // Copy in the full path into our own buffer.
   // Copying in the extra slash is OK because we calculate the hash
   // based on the filePathLen which excludes the slash.
   // +2 to account for the possibly trailing slash and the null terminator.
   WCHAR *lowercasePath = new WCHAR[filePathLen + 2];
-  wcscpy(lowercasePath, filePath);
+  memset(lowercasePath, 0, (filePathLen + 2) * sizeof(WCHAR));
+  wcsncpy(lowercasePath, filePath, filePathLen + 1);
   _wcslwr(lowercasePath);
 
   BYTE *hash;
   DWORD hashSize = 0;
   if (!CalculateMD5(reinterpret_cast<const char*>(lowercasePath), 
                     filePathLen * 2, 
                     &hash, hashSize)) {
     delete[] lowercasePath;
diff --git a/toolkit/mozapps/update/common/updatehelper.cpp b/toolkit/mozapps/update/common/updatehelper.cpp
--- a/toolkit/mozapps/update/common/updatehelper.cpp
+++ b/toolkit/mozapps/update/common/updatehelper.cpp
@@ -43,17 +43,17 @@ BOOL
 PathGetSiblingFilePath(LPWSTR destinationBuffer,
                        LPCWSTR siblingFilePath,
                        LPCWSTR newFileName)
 {
   if (wcslen(siblingFilePath) >= MAX_PATH) {
     return FALSE;
   }
 
-  wcscpy(destinationBuffer, siblingFilePath);
+  wcsncpy(destinationBuffer, siblingFilePath, MAX_PATH);
   if (!PathRemoveFileSpecW(destinationBuffer)) {
     return FALSE;
   }
 
   if (wcslen(destinationBuffer) + wcslen(newFileName) >= MAX_PATH) {
     return FALSE;
   }
 
@@ -75,23 +75,23 @@ PathGetSiblingFilePath(LPWSTR destinatio
  * @return TRUE if there was no error starting the process.
  */
 BOOL
 LaunchWinPostProcess(const WCHAR *installationDir,
                      const WCHAR *updateInfoDir,
                      bool forceSync,
                      HANDLE userToken)
 {
-  WCHAR workingDirectory[MAX_PATH + 1];
-  wcscpy(workingDirectory, installationDir);
+  WCHAR workingDirectory[MAX_PATH + 1] = { L'\0' };
+  wcsncpy(workingDirectory, installationDir, MAX_PATH);
 
   // Launch helper.exe to perform post processing (e.g. registry and log file
   // modifications) for the update.
-  WCHAR inifile[MAX_PATH + 1];
-  wcscpy(inifile, installationDir);
+  WCHAR inifile[MAX_PATH + 1] = { L'\0' };
+  wcsncpy(inifile, installationDir, MAX_PATH);
   if (!PathAppendSafe(inifile, L"updater.ini")) {
     return FALSE;
   }
 
   WCHAR exefile[MAX_PATH + 1];
   WCHAR exearg[MAX_PATH + 1];
   WCHAR exeasync[10];
   bool async = true;
@@ -107,43 +107,43 @@ LaunchWinPostProcess(const WCHAR *instal
 
   if (!GetPrivateProfileStringW(L"PostUpdateWin", L"ExeAsync", L"TRUE",
                                 exeasync,
                                 sizeof(exeasync)/sizeof(exeasync[0]),
                                 inifile)) {
     return FALSE;
   }
 
-  WCHAR exefullpath[MAX_PATH + 1];
-  wcscpy(exefullpath, installationDir);
+  WCHAR exefullpath[MAX_PATH + 1] = { L'\0' };
+  wcsncpy(exefullpath, installationDir, MAX_PATH);
   if (!PathAppendSafe(exefullpath, exefile)) {
     return false;
   }
 
   WCHAR dlogFile[MAX_PATH + 1];
   if (!PathGetSiblingFilePath(dlogFile, exefullpath, L"uninstall.update")) {
     return FALSE;
   }
 
-  WCHAR slogFile[MAX_PATH + 1];
-  wcscpy(slogFile, updateInfoDir);
+  WCHAR slogFile[MAX_PATH + 1] = { L'\0' };
+  wcsncpy(slogFile, updateInfoDir, MAX_PATH);
   if (!PathAppendSafe(slogFile, L"update.log")) {
     return FALSE;
   }
 
-  WCHAR dummyArg[14];
-  wcscpy(dummyArg, L"argv0ignored ");
+  WCHAR dummyArg[14] = { L'\0' };
+  wcsncpy(dummyArg, L"argv0ignored ", sizeof(dummyArg) / sizeof(dummyArg[0]) - 1);
 
   size_t len = wcslen(exearg) + wcslen(dummyArg);
   WCHAR *cmdline = (WCHAR *) malloc((len + 1) * sizeof(WCHAR));
   if (!cmdline) {
     return FALSE;
   }
 
-  wcscpy(cmdline, dummyArg);
+  wcsncpy(cmdline, dummyArg, len);
   wcscat(cmdline, exearg);
 
   if (forceSync ||
       !_wcsnicmp(exeasync, L"false", 6) ||
       !_wcsnicmp(exeasync, L"0", 2)) {
     async = false;
   }
 
@@ -223,22 +223,23 @@ StartServiceUpdate(LPCWSTR installDir)
   // proceed with upgrading it.
 
   STARTUPINFOW si = {0};
   si.cb = sizeof(STARTUPINFOW);
   // No particular desktop because no UI
   si.lpDesktop = L"";
   PROCESS_INFORMATION pi = {0};
 
-  WCHAR maintserviceInstallerPath[MAX_PATH + 1];
-  wcscpy(maintserviceInstallerPath, installDir);
+  WCHAR maintserviceInstallerPath[MAX_PATH + 1] = { L'\0' };
+  wcsncpy(maintserviceInstallerPath, installDir, MAX_PATH);
   PathAppendSafe(maintserviceInstallerPath,
                  L"maintenanceservice_installer.exe");
-  WCHAR cmdLine[64];
-  wcscpy(cmdLine, L"dummyparam.exe /Upgrade");
+  WCHAR cmdLine[64] = { '\0' };
+  wcsncpy(cmdLine, L"dummyparam.exe /Upgrade",
+          sizeof(cmdLine) / sizeof(cmdLine[0]) - 1);
   BOOL svcUpdateProcessStarted = CreateProcessW(maintserviceInstallerPath,
                                                 cmdLine,
                                                 NULL, NULL, FALSE,
                                                 0,
                                                 NULL, installDir, &si, &pi);
   if (svcUpdateProcessStarted) {
     CloseHandle(pi.hProcess);
     CloseHandle(pi.hThread);
@@ -361,18 +362,18 @@ PathAppendSafe(LPWSTR base, LPCWSTR extr
  * the service and instead will attempt an update the with a UAC prompt.
  *
  * @param  updateDirPath The path of the update directory
  * @return TRUE if successful
  */
 BOOL
 WriteStatusPending(LPCWSTR updateDirPath)
 {
-  WCHAR updateStatusFilePath[MAX_PATH + 1];
-  wcscpy(updateStatusFilePath, updateDirPath);
+  WCHAR updateStatusFilePath[MAX_PATH + 1] = { L'\0' };
+  wcsncpy(updateStatusFilePath, updateDirPath, MAX_PATH);
   if (!PathAppendSafe(updateStatusFilePath, L"update.status")) {
     return FALSE;
   }
 
   const char pending[] = "pending";
   HANDLE statusFile = CreateFileW(updateStatusFilePath, GENERIC_WRITE, 0,
                                   NULL, CREATE_ALWAYS, 0, NULL);
   if (statusFile == INVALID_HANDLE_VALUE) {
@@ -390,18 +391,18 @@ WriteStatusPending(LPCWSTR updateDirPath
  * Sets update.status to a specific failure code
  *
  * @param  updateDirPath The path of the update directory
  * @return TRUE if successful
  */
 BOOL
 WriteStatusFailure(LPCWSTR updateDirPath, int errorCode)
 {
-  WCHAR updateStatusFilePath[MAX_PATH + 1];
-  wcscpy(updateStatusFilePath, updateDirPath);
+  WCHAR updateStatusFilePath[MAX_PATH + 1] = { L'\0' };
+  wcsncpy(updateStatusFilePath, updateDirPath, MAX_PATH);
   if (!PathAppendSafe(updateStatusFilePath, L"update.status")) {
     return FALSE;
   }
 
   HANDLE statusFile = CreateFileW(updateStatusFilePath, GENERIC_WRITE, 0,
                                   NULL, CREATE_ALWAYS, 0, NULL);
   if (statusFile == INVALID_HANDLE_VALUE) {
     return FALSE;
@@ -644,22 +645,22 @@ DoesFallbackKeyExist()
  * Determines if the file system for the specified file handle is local
  * @param file path to check the filesystem type for, must be at most MAX_PATH
  * @param isLocal out parameter which will hold TRUE if the drive is local
  * @return TRUE if the call succeeded
 */
 BOOL
 IsLocalFile(LPCWSTR file, BOOL &isLocal)
 {
-  WCHAR rootPath[MAX_PATH + 1];
+  WCHAR rootPath[MAX_PATH + 1] = { L'\0' };
   if (wcslen(file) > MAX_PATH) {
     return FALSE;
   }
 
-  wcscpy(rootPath, file);
+  wcsncpy(rootPath, file, MAX_PATH);
   PathStripToRootW(rootPath);
   isLocal = GetDriveTypeW(rootPath) == DRIVE_FIXED;
   return TRUE;
 }
 
 
 /**
  * Determines the DWORD value of a registry key value
