Dailydave mailing list archives

Non executable memory pages with AMD64 + XP SP2


From: Nicolas RUFF <nicolas.ruff () edelweb fr>
Date: Sun, 05 Dec 2004 22:09:57 +0100

Hello everybody,

Did anyone out there have a chance to test non-executable memory
pages on AMD64 + XP SP2 ? I sent a mail on Bugtraq a few weeks ago but I
did not receive much support from the community.

It seems to me that non-executable pages are never enabled (at least for
basic user programs, such as "hello world" buffer overflow), unless you
manually specify /PAE, despite:
http://support.microsoft.com/kb/875352

If you read the small caps on AMD commercials in France, they say
something like: "you must manually enable the Enhanced Virus Protection
for each of your applications to be fully protected". What is this supposed to mean ???

I suspect Microsoft went on a last-minute change, considering the number
of software failing with non-executable pages (at least on my computer -
e.g. nVidia userland interface).

To sum up :

1/ 64-bit OS are not ready for production - if you ever tried to get
drivers for the Windows XP 64-bit edition (available from MSDN) you know what I mean.

2/ 64-bit OS are as fast as 32-bit OS (tested on Fedora 64 and XP
64). Applications will be running in 32-bit emulation mode for a long
time and will not benefit from 64-bit processors either.

3/ 32-bit XP SP2 does not use non-executable memory pages (AFAIK).

4/ Shellcoders will benefit from new RIP-relative addressing, as M.
Conover pointed out.

So, could someone figure out a good reason why I spent $300 on this s***
? (Not counting the motherboard and memory upgrade).

Regards,
- Nicolas RUFF
-----------------------------------
Security Consultant
EdelWeb (http://www.edelweb.fr/)
Mail : nicolas.ruff (at) edelweb.fr
-----------------------------------
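
Added example, not part of the original post: a POSIX C probe (a Linux-side analogue of the test asked about above, not Windows code) that writes a single x86 `ret` into a page, calls it, and reports whether the instruction fetch faults. The helper name `exec_faults` is made up here, and the code assumes a system with `mmap`, `mprotect` and `sigaction`.

```c
#define _DEFAULT_SOURCE 1   /* MAP_ANONYMOUS under strict -std= modes */
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

static sigjmp_buf recover;
static void on_fault(int sig) { (void)sig; siglongjmp(recover, 1); }

/* Hypothetical helper: returns 1 if calling into a page with protection
 * `prot` faults, 0 if the code ran, -1 if the page could not be set up. */
int exec_faults(int prot)
{
    struct sigaction sa, old_segv, old_bus;
    void (*fn)(void);
    int faulted;
    unsigned char *page = mmap(NULL, 4096, PROT_READ | PROT_WRITE,
                               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED) return -1;
    page[0] = 0xC3;                        /* x86 "ret": return at once */
    if (mprotect(page, 4096, prot) != 0) { munmap(page, 4096); return -1; }
    memcpy(&fn, &page, sizeof fn);         /* data pointer -> code pointer */

    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);    /* Linux reports the fetch fault here */
    sigaction(SIGBUS, &sa, &old_bus);      /* some other systems use SIGBUS */

    if (sigsetjmp(recover, 1) == 0) { fn(); faulted = 0; }
    else faulted = 1;                      /* handler jumped back: fetch refused */

    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    munmap(page, 4096);
    return faulted;
}

int main(void)
{
    int rw = exec_faults(PROT_READ | PROT_WRITE);
    printf("RW page: %s\n", rw == 1 ? "fetch faulted, NX enforced"
                          : rw == 0 ? "executed, NX not enforced" : "setup error");
#if defined(__x86_64__) || defined(__i386__)   /* control only valid where 0xC3 is "ret" */
    printf("RX page (control, 0 = ran): %d\n", exec_faults(PROT_READ | PROT_EXEC));
#endif
    return 0;
}
```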
