Chips to ease Microsoft's big security nightmare

Newscientest.com

Chip makers are planning a new generation of microprocessors that should plug the gaps that led Microsoft to issue a "critical security alert" last week.

The alert was sparked by the discovery that a raft of Microsoft programs were vulnerable to a problem called "buffer overflow", which hackers can exploit to extract private information from a PC. And the risk of such attacks only worsened when, two days after the alert was issued, critical Windows "source code" was leaked on to the internet letting hackers see how it works.

A buffer is a section of computer memory that can store a set amount of data. Sometimes, usually because of a software bug, the processor sends more data to the buffer than it can hold, causing it to overflow into the next chunk of buffer memory. This makes computers vulnerable to hackers, because by deliberately making a buffer overflow they can force the computer to execute their malicious code.

The problem is hard to detect, as popular programming languages, like C and C++ do not make it easy to track when programs are vulnerable to overflow. But now chip makers Advanced Micro Devices (AMD) and Intel are developing processor chips that will deal with the problem.

AMD's Athlon-64 (for PCs) and Opteron (for servers) will protect against buffer overflows when used with a new version of Windows XP. Intel plans similar features on next generation Pentium chips

Malicious instructions
Until now, Intel-compatible processors have not been able to distinguish between sections of memory that contain data and those that contain program instructions. This has allowed hackers to insert malicious program instructions in sections of memory that are supposed to contain data only, and use buffer overflow to overwrite the "pointer" data that tells the processor which instruction to execute next. Hackers use this to force the computer to start executing their own code (see graphic).

The new AMD chips prevent this. They separate memory into instruction-only and data-only sections. If hackers attempt to execute code from the data section of memory, they will fail. Windows will then detect the attempt and close the application.

"Buffer overflows are the largest class of software vulnerabilities that lead to security flaws," says Crispin Cowan, of computer security company Immunix in Portland, Oregon.

Buffer overflow was behind the devastating Slammer and Blaster worm attacks on Windows PCs in 2003, and the Slapper worm used it to infect thousands of Linux-based web servers in 2002.
Full remote access
The buffer overflow problem that triggered last week's alert was discovered by engineers at eEye Digital Security in Aliso Viejo, California. It appears in a commonly used component of 20 Microsoft packages, including the Outlook emailer. "It's a most critical vulnerability," says Firas Raouf of eEye. Hackers could exploit the flaw to write email worms that could give them full remote access to a PC. This could happen without the user of the target PC opening an attachment or reading the email that carried it.

The new chips will block this kind of attack. But Cowan believes hackers will find other ways to insert malicious code: for example, by making a program jump to a subsection of its own code at the wrong time, perhaps to open a data port, to a hacker. "There's nothing to prevent that kind of attack," Cowan says.