dcsimg
RealTime IT News

Securing XP at the Chip Level

Microsoft and AMD unveiled their latest plan to secure an operating system at the chip level, one that works in conjunction with future Windows upgrades.

As part of the alliance, Sunnyvale, Calif.-based AMD revealed that its Enhanced Virus Protection security technology will work with Microsoft's upcoming Windows XP Service pack 2 release in order to improve security through a multi-level approach.

The Enhanced Virus Protection is included with all AMD 64-bit processors including the Opteron and Athlon64 chips. The technology will work in tandem with Microsoft's recently announced Data Execution Prevention system that is part of the latest Windows XP SP2 beta.

Rebecca Norlander, Microsoft group manager in charge of the Windows XP SP2 release, said data execution prevention is one of several security enhancements within Windows XP SP2 that will provide customers with protection against certain buffer overrun virus attacks.

Microsoft and AMD said their technologies are designed to prevent buffer overrun exploits . Buffer overflows occur when a malicious piece of code accesses system memory and uses it to execute its payload.

"With the Enhanced Virus Protection on our processors, used with an operating system like XP SP2, vulnerable memory is marked as non executable," John Crank, Athlon 64 product manager for AMD's microprocessor business unit, told internetnews.com. "This is a flag inside of a processor, technically a bit inside of a register, that gets put into memory and says there are no executables to run, only data."

According to Crank, AMD's Enhanced Virus Protection is available for all 64-bit enabled Linux operating systems as well. It will also be available for Windows Server 2003 Service Pack 1 when that ships later this year.

Crank told internetnews.com that the technology has been around for some time, but had not been used for virus protection. Recent exploits have prompted AMD and Microsoft to look at the technology again and implement it.

"Research has shown through Microsoft and AMD that the Blaster virus would not have been as successful against an XP SP2/AMD set up," Crank told internetnews.com "It would have got into the memory buffer, the processor would have said 'no way,' and it never would have had the chance to replicate itself. At worst it would have been a standard DoS attack."

In related news, AMD announced Tuesday that its new Alchemy Aul1550 security network processor. The company said the chip "accelerates networking and remote access applications such as gateways and network attached storage (NAS) units, wireless access points and Voice over Internet Protocol environments."

The new processor includes a hardware based VPN packet protocol that includes an integrated security engine and supports both IPsec and SSL .

Intel is expected to follow suit soon regarding embedded security. The chip company has so far released its La Grande security technology as part of its "Prescott" Pentium 4 but has yet to announce that the technology has been formatted for any Microsoft product.