“The condition wherein the data transferred to a buffer exceeds the storage capacity of the buffer and some of the data “overflows” into another buffer, one that the data was not intended to go into. Since buffers can only hold a specific amount of data, when that capacity has been reached the data has to flow somewhere else, typically into another buffer, which can corrupt data that is already contained in that buffer.”
There are methods and controls that can be used by programmers to try and eliminate the potential for buffer overrun vulnerabilities in their software and much emphasis has been given lately to properly training programmers to write better, more secure code in the first place. However, Microsoft, AMD and Intel are working together, or at least in parallel, to implement technology which would stop buffer overflows from working even if the software is poorly written.
While the technology will not actually be functional until the release of Windows XP Service Pack 2, AMD has incorporated Execution Protection technology into their existing 64-bit Athlon processors. Intel is working to incorporate similar technology into its next-generation Pentium 4 chips to be released soon.
In a nutshell this new technology will ensure that the buffers and the data within them are “read only” as far as external applications are concerned. This will alleviate the potential for a malicious programmer to execute code to try and write beyond the size of the buffer.
Buffer overflows or overruns account for a very large percentage of the vulnerabilities that are discovered. Execution Protection may be a huge step forward in helping to secure computer systems without having to rely on individual programmers to write more secure applications.
For more information you can see this Silicon.com article about Execution Protection: Chips to be made hackerproof by AMD and Intel.
