Re: The Developer Implications of Windows XP SP2
From: Robert Heinig (info129_at_RHEINIG.DE)
Date: Thu, 13 Nov 2003 13:57:40 +0100
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
A smile a day...
> Additionally, Microsoft is working with microprocessor companies
> to help Windows support hardware-enforced "no execute" (or NX)
> on microprocessors that contain the feature. NX uses the CPU
> itself to enforce the separation of application code and data,
> preventing an application or Windows component from executing
> program code that an attacking worm or virus inserted into
> a portion of memory marked for data only.
Such a hardware feature has been introduced recently by Intel, namely in the
80286 microprocessor. All Windows versions I am aware of already contain
provisions to *circumvent* this feature!
(Yes, I know the original concept of the IA-32 Protected Mode -
segmentation - is incompatible with NT architecture, and that this is not
the most regrettable point where the NT design team chose not to use an
Intel feature - ignoring rings 1 and 2 is).
Apart from this suave mockery I can only applaud this announcement and I
sincerely hope they found a way to implement this idea with current CPUs.
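The segment-level separation of code and data that this message refers to, as an added example that is not part of the original post: it decodes IA-32 segment descriptors and counts the linear addresses that are both writable through a data segment and executable through a code segment. All four descriptor values are constructed; the first pair is the conventional flat layout (base 0, 4 GB limit), assumed here for illustration and not dumped from any Windows system.

```c
#include <stdint.h>
#include <stdio.h>

/* Decoded view of one 8-byte IA-32 segment descriptor. */
struct seg {
    uint32_t base;   /* linear address of the first byte */
    uint32_t last;   /* linear address of the last byte */
    int executable;  /* access bit 3: 1 = code segment */
    int writable;    /* access bit 1, meaningful for data segments only */
};

/* Expand-down data segments are not handled (assumption). */
static struct seg decode(uint64_t d) {
    struct seg s;
    uint32_t limit = (uint32_t)(d & 0xFFFF) | (uint32_t)((d >> 48) & 0xF) << 16;
    uint8_t access = (uint8_t)(d >> 40);
    if ((d >> 55) & 1)                  /* G bit: limit counts 4 KB pages */
        limit = (limit << 12) | 0xFFF;
    s.base = (uint32_t)((d >> 16) & 0xFFFFFF) | (uint32_t)((d >> 56) & 0xFF) << 24;
    s.last = s.base + limit;
    s.executable = (access >> 3) & 1;
    s.writable = !s.executable && ((access >> 1) & 1);
    return s;
}

/* Number of bytes reachable both as writable data and as executable code. */
static uint64_t wx_overlap(uint64_t code_desc, uint64_t data_desc) {
    struct seg c = decode(code_desc), w = decode(data_desc);
    if (!c.executable || !w.writable) return 0;
    uint32_t lo = c.base > w.base ? c.base : w.base;
    uint32_t hi = c.last < w.last ? c.last : w.last;
    return lo > hi ? 0 : (uint64_t)hi - lo + 1;
}

/* Constructed descriptors (not taken from a real system). */
#define FLAT_CODE  0x00CF9A000000FFFFULL  /* base 0, 4 GB, execute/read */
#define FLAT_DATA  0x00CF92000000FFFFULL  /* base 0, 4 GB, read/write */
#define SPLIT_CODE 0x00409A000000FFFFULL  /* base 0, 64 KB, execute/read */
#define SPLIT_DATA 0x004092010000FFFFULL  /* base 0x10000, 64 KB, read/write */

int main(void) {
    printf("flat:  %llu bytes writable and executable\n",
           (unsigned long long)wx_overlap(FLAT_CODE, FLAT_DATA));
    printf("split: %llu bytes writable and executable\n",
           (unsigned long long)wx_overlap(SPLIT_CODE, SPLIT_DATA));
    return 0;
}
```

With disjoint segments the descriptor type bits keep data from being fetched as code; with overlapping flat segments they no longer do, which leaves a per-page mechanism such as NX to provide the separation.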