Re: The Developer Implications of Windows XP SP2

From: Robert Heinig (info129_at_RHEINIG.DE)
Date: 11/13/03

  • Next message: Miller, Todd: "Re: Microsoft Security Bulletin MS03-049 - Installation problems?"
    Date:         Thu, 13 Nov 2003 13:57:40 +0100
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    A smile a day...

    >Additionally, Microsoft is working with microprocessor companies

    > to help Windows support hardware-enforced "no execute" (or NX)

    > on microprocessors that contain the feature. NX uses the CPU

    > itself to enforce the separation of application code and data,

    > preventing an application or Windows component from executing

    > program code that an attacking worm or virus inserted into

    > a portion of memory marked for data only.

    Such a hardware feature has been introduced recently by intel, namely in the
    80286 microprocessor. All Windows versions I am aware of already contain
    provisions to *circumvent* this feature!

    (Yes I know the original concept of the IA-32 Protected Mode -
    segmentation - is incompatible with NT architecture, and that this is not
    the most regrettable point where the NT design team chose not to use an
    intel feature - ignoring rings 1 and 2 is).

    Apart from this suave mockery I can only applaud this announcement and I
    sincerely hope they found a way to implement this idea with current CPU's.

    have fun

    Robert Heinig

    ----
    NTBugtraq subscribers save $103.00 off the TICSA exam by using promo
    code "NT1003" when registering to take the TICSA exam at www.2test.com.
    Prove to your employer and peers that you have the knowledge and
    abilities to be an active stakeholder in today's enterprise security.
    Become TICSA certified www.trusecure.com/ticsa.  Promotion expires
    12/31/03 and cannot be used in combination with other offers.
    ----
    

  • Next message: Miller, Todd: "Re: Microsoft Security Bulletin MS03-049 - Installation problems?"