lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: rms at computerbytesman.com (Richard M. Smith) Subject: Coming soon: CPU fix for buffer overflows http://www.newscientist.com/news/news.jsp?id=ns99994696 Chips to ease Microsoft's big security nightmare 10:00 22 February 04 Chip makers are planning a new generation of microprocessors that should plug the gaps that led Microsoft to issue a "critical security alert" last week. The alert was sparked by the discovery that a raft of Microsoft programs were vulnerable to a problem called "buffer overflow", which hackers can exploit to extract private information from a PC. And the risk of such attacks only worsened when, two days after the alert was issued, critical Windows "source code" was leaked on to the internet letting hackers see how it works. A buffer is a section of computer memory that can store a set amount of data. Sometimes, usually because of a software bug, the processor sends more data to the buffer than it can hold, causing it to overflow into the next chunk of buffer memory. This makes computers vulnerable to hackers, because by deliberately making a buffer overflow they can force the computer to execute their malicious code. The problem is hard to detect, as popular programming languages, like C and C++ do not make it easy to track when programs are vulnerable to overflow. But now chip makers Advanced Micro Devices (AMD) and Intel are developing processor chips that will deal with the problem. AMD's Athlon-64 (for PCs) and Opteron (for servers) will protect against buffer overflows when used with a new version of Windows XP. Intel plans similar features on next generation Pentium chips. ...
Powered by blists - more mailing lists