diff --git a/src/pc/update_checker.c b/src/pc/update_checker.c
index 1613c80f1..7709724c0 100644
--- a/src/pc/update_checker.c
+++ b/src/pc/update_checker.c
@@ -46,11 +46,13 @@ size_t write_callback(char *ptr, size_t size, size_t nmemb, void *userdata) {
 void parse_version(const char *data) {
     const char *version = strstr(data, VERSION_IDENTIFIER);
     if (version == NULL) { return; }
-    u8 len = strlen(VERSION_IDENTIFIER);
+    size_t len = strlen(VERSION_IDENTIFIER);
     version += len;
     const char *end = strchr(version, '"');
-    memcpy(sRemoteVersion, version, end - version);
-    sRemoteVersion[end - version] = '\0';
+    size_t versionLength = (size_t)(end - version);
+    if (versionLength > sizeof(sRemoteVersion) - 1) { return; }
+    memcpy(sRemoteVersion, version, versionLength);
+    sRemoteVersion[versionLength] = '\0';
 }
 
 // function to download a text file from the internet
@@ -80,9 +82,9 @@ void get_version_remote(void) {
     DWORD dwSize = sizeof(contentLength);
     HttpQueryInfo(hUrl, HTTP_QUERY_CONTENT_LENGTH | HTTP_QUERY_FLAG_NUMBER, &contentLength, &dwSize, NULL);
 
-    // read data from the URL
+    // read data from the URL, making room in the buffer for the null-terminator
     DWORD bytesRead;
-    if (!InternetReadFile(hUrl, buffer, sizeof(buffer), &bytesRead)) {
+    if (!InternetReadFile(hUrl, buffer, sizeof(buffer) - 1, &bytesRead)) {
         printf("Failed to check for updates!\n");
         InternetCloseHandle(hInternet);
         InternetCloseHandle(hUrl);