Re: The Developer Implications of Windows XP SP2

From: Robert Heinig (info129_at_RHEINIG.DE)
Date: 11/13/03

  • Next message: Miller, Todd: "Re: Microsoft Security Bulletin MS03-049 - Installation problems?"
    Date:         Thu, 13 Nov 2003 13:57:40 +0100

    A smile a day...

    >Additionally, Microsoft is working with microprocessor companies

    > to help Windows support hardware-enforced "no execute" (or NX)

    > on microprocessors that contain the feature. NX uses the CPU

    > itself to enforce the separation of application code and data,

    > preventing an application or Windows component from executing

    > program code that an attacking worm or virus inserted into

    > a portion of memory marked for data only.

    Such a hardware feature has been introduced recently by intel, namely in the
    80286 microprocessor. All Windows versions I am aware of already contain
    provisions to *circumvent* this feature!

    (Yes I know the original concept of the IA-32 Protected Mode -
    segmentation - is incompatible with NT architecture, and that this is not
    the most regrettable point where the NT design team chose not to use an
    intel feature - ignoring rings 1 and 2 is).

    Apart from this suave mockery I can only applaud this announcement and I
    sincerely hope they found a way to implement this idea with current CPU's.

    have fun

    Robert Heinig

    NTBugtraq subscribers save $103.00 off the TICSA exam by using promo
    code "NT1003" when registering to take the TICSA exam at
    Prove to your employer and peers that you have the knowledge and
    abilities to be an active stakeholder in today's enterprise security.
    Become TICSA certified  Promotion expires
    12/31/03 and cannot be used in combination with other offers.

  • Next message: Miller, Todd: "Re: Microsoft Security Bulletin MS03-049 - Installation problems?"

    Relevant Pages

    • Re: Question on Processor Specs
      ... However, when I run Belarc Advisor, it states, "3.00 GHz Intel Pentium D, ... the BIOS,; ... is to Disable the following feature. ... and they report every little glitch to Franck Delattre. ...
    • Re: A quote from Crypto-Gram
      ... those who wish to abuse the feature. ... and that is much easier to abuse. ... surprised if VIA and others producing mass-market chips didn't have the same ... mechanism as AMD and Intel. ...
    • Re: Dual-Core CPU Question
      ... The 451 is the Intel processor number, and the Intel web site is a really ... In order to have a workable upgrade, ... must support the FSB speed and have the right socket. ... the VT feature, which may or may not be important to you. ...
    • Re: Dual-Core CPU Question
      ... If I am remembering things correctly, the VT feature on recent Intel ... Pentium/Core processors consists of hardware-based enhancements for ... machine" system is a Dell Dimension 8300 with a Pentium 4 ...
    • Re: Powering off after shutdown...
      ... >I have an Intel MS440GX motherboard and I can't find ... >the net regarding its soft power off feature which I ...