AMD develops hardware fix to target major XP security risk

AMD is developing technology in the next generation of x86-compatible microprocessors to combat one of the largest security loopholes in Windows-based computing.

The chipmaker is working with Microsoft to build safeguards into its 32-bit-compatible Athlon 64 processors to protect against buffer overflow virus attacks on Windows-based PCs. Buffer overflow errors have been behind global attacks such as last year's MSBlaster and Code Red.

A buffer overflow attack writes more data into a program's memory buffer than the buffer was sized to hold; the excess spills into adjacent memory and can carry malicious code that the processor then executes. The technology to guard against this, called "no execute" (NX), relies on a combination of the processor and the operating system detecting misuse of computer memory.

Graham Titterington, principal analyst at Ovum, said, "In the long term, if these chips get widely deployed, it would mean that users would be protected against buffer overflow attacks."

Microsoft has said it is working with chip companies to help Windows support hardware-enforced NX restrictions on processors that contain the feature.

NX uses the central processing unit to enforce the separation of application code and data. This prevents an application or Windows component from executing program code that an attacking worm or virus has inserted into a portion of memory marked for data only.

Gartner research fellow Martin Reynolds said one potential issue with NX is that it requires the processor to operate in page address extension mode, which might cause some compatibility problems. He suggested it may also affect the performance of Java. "Some code may deliberately execute from the data area - for example, just-in-time compilers for Java - and would require NX to be disabled," he said.
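As an added illustration that is not part of the article, the Python model below encodes the x86 PAE page-table-entry format whose bit 63 carries the NX flag. It shows why the feature needs PAE mode (a 32-bit legacy entry has no bit 63), how the processor's instruction-fetch check refuses to run code from a page marked data-only, and why a JIT's writable-and-executable pages fall outside that protection. Bit positions follow the x86 PAE format; the page layout is constructed.

```python
# Model of the x86 PAE page-table-entry (PTE) bits behind the NX check (constructed teaching example, not real page tables).
from dataclasses import dataclass

PTE_PRESENT = 1 << 0        # page is mapped
PTE_RW = 1 << 1             # page is writable
PTE_USER = 1 << 2           # page is reachable from user mode
PTE_NX = 1 << 63            # no-execute: exists only in the 64-bit PAE entry format
PTE_FRAME_MASK = ((1 << 52) - 1) & ~0xFFF   # physical frame address, bits 12..51

@dataclass(frozen=True)
class Page:
    name: str
    frame: int              # physical frame number (physical address >> 12)
    writable: bool
    user: bool
    no_execute: bool

def encode_pae_pte(page: Page) -> int:
    """Build a present PAE page-table entry from the page description."""
    pte = PTE_PRESENT | ((page.frame << 12) & PTE_FRAME_MASK)
    if page.writable:
        pte |= PTE_RW
    if page.user:
        pte |= PTE_USER
    if page.no_execute:
        pte |= PTE_NX
    return pte

def fetch_allowed(pte: int, nxe_enabled: bool) -> bool:
    """CPU decision on an instruction fetch: with the NX feature enabled
    (EFER.NXE set), fetching from a page whose NX bit is set raises a fault."""
    if not pte & PTE_PRESENT:
        return False
    return not (nxe_enabled and pte & PTE_NX)

def fits_legacy_pte(pte: int) -> bool:
    """A non-PAE entry is 32 bits wide, so it has no bit 63 to hold NX;
    that is why the feature needs PAE mode."""
    return pte < (1 << 32)

def writable_and_executable(pages: list[Page]) -> list[str]:
    """Pages that are both writable and executable, as a JIT needs them;
    NX cannot protect these, which is why such code needs NX disabled."""
    return [p.name for p in pages if p.writable and not p.no_execute]

SAMPLE_PAGES = [  # constructed address space: program text, the stack, a JIT code cache
    Page("text", 0x400, writable=False, user=True, no_execute=False),
    Page("stack", 0x7FF0, writable=True, user=True, no_execute=True),
    Page("jit", 0x5000, writable=True, user=True, no_execute=False),
]
```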

However, support for NX will not be available until the Service Pack 2 release of Windows XP ships. Stuart Okin, chief security officer at Microsoft, said, "We have recompiled the Windows Service Pack 2 for XP so that it can understand the buffer overflow check technology."

AMD's technology, called Execution Protection, is already shipping on the Athlon 64, 64FX and Opteron chips, although it cannot be activated as it relies on the Windows XP Service Pack 2.

Intel is evaluating a similar technology to run on its Prescott chip. The company said NX has been built into its Itanium processors since 2001.

Intel said it was evaluating whether to build the NX feature for use in mainstream PC desktop and server hardware. A spokesman for Intel said it is focusing on delivering a combination of hardware and software that will work together to protect computer memory from buffer overflows. But, to date, only high-end Itanium II hardware is equipped with this feature. He said, "We are focusing on delivering fully tested, robust and usable stacks."