A method and system for preventing stack buffer overflow attacks in a computer system are disclosed. A computer system can prevent stack buffer overflow attacks by encrypting return addresses prior to pushing them onto the runtime stack. When an encrypted return address is popped off the runtime stack, the computer system decrypts the encrypted return address to determine the actual return address. A random encryption key can be used, which can be generated from the CPU's clock cycle counter. Multitasking environments can add a seed register to the task state so that each task can use a unique seed to encrypt the return addresses.