Full Disclosure mailing list archives
Coming soon: CPU fix for buffer overflows
From: "Richard M. Smith" <rms () computerbytesman com>
Date: Mon, 23 Feb 2004 14:46:50 -0500
http://www.newscientist.com/news/news.jsp?id=ns99994696 Chips to ease Microsoft's big security nightmare 10:00 22 February 04 Chip makers are planning a new generation of microprocessors that should plug the gaps that led Microsoft to issue a "critical security alert" last week. The alert was sparked by the discovery that a raft of Microsoft programs were vulnerable to a problem called "buffer overflow", which hackers can exploit to extract private information from a PC. And the risk of such attacks only worsened when, two days after the alert was issued, critical Windows "source code" was leaked on to the internet letting hackers see how it works. A buffer is a section of computer memory that can store a set amount of data. Sometimes, usually because of a software bug, the processor sends more data to the buffer than it can hold, causing it to overflow into the next chunk of buffer memory. This makes computers vulnerable to hackers, because by deliberately making a buffer overflow they can force the computer to execute their malicious code. The problem is hard to detect, as popular programming languages, like C and C++ do not make it easy to track when programs are vulnerable to overflow. But now chip makers Advanced Micro Devices (AMD) and Intel are developing processor chips that will deal with the problem. AMD's Athlon-64 (for PCs) and Opteron (for servers) will protect against buffer overflows when used with a new version of Windows XP. Intel plans similar features on next generation Pentium chips. ... _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Coming soon: CPU fix for buffer overflows Richard M. Smith (Feb 23)
- Re: Coming soon: CPU fix for buffer overflows Ralf Ertzinger (Feb 23)
- Re: Coming soon: CPU fix for buffer overflows William Warren (Feb 23)
- <Possible follow-ups>
- Re: Coming soon: CPU fix for buffer overflows hybriz (Feb 23)
- RE: Coming soon: CPU fix for buffer overflows hybriz (Feb 23)
- RE: Coming soon: CPU fix for buffer overflows Mike Barushok (Feb 23)
- RE: Coming soon: CPU fix for buffer overflows Michael Williamson (Feb 24)
- RE: Coming soon: CPU fix for buffer overflows Mike Barushok (Feb 23)
- Re: Coming soon: CPU fix for buffer overflows Helmut Hauser (Feb 24)
- Re: Re: Coming soon: CPU fix for buffer overflows Jeremiah Cornelius (Feb 24)