Sorry to have to disagree somewhat Microsoft need to code and assemble their executable modules in a properly secure manner
Most of the current software is written as sub-modules which are then assembled into an executable set for distribution, but that distributable file then contains intermixed blocks of code data and workingspace buffers Then when loaded into memory, a similar process happens What is needed is for the technique used 30 years ago in mainframes to be adopted. modules created in at least 4 distinct sections, and those sections handled differently by the OS program loader, and the CPU Part 1 - code, and constants loaded into memory, and cannot be changed Part 2 - working control data loaded into memory and can only be changed by the code Part 3 - inter-program communication areas for passing on data and API requests - code will not be executed from this area Part 4 - buffer and storage areas - allocated by the OS - code will not be executed from this area Each sub-module's parts will be assembled into 4 separate parts in any distributable dll, com, exe etc The 4 (or more) sections are managed separately by the hardware and only the stuff in the Part 1 can be processed as instructions And only the OS loader can put stuff into a memory area designated as a Part 1 zone NO BUFFER Exploits possible JimB ----- Original Message ----- From: "Marc Sims" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Friday, January 06, 2006 12:05 PM Subject: Re: WMF security patch released Thanks. Its about time but still Microsoft STILL needs to get these very critical patches out much faster and much less than a week. They need to close that hole of time in vulnerability. Marc Sims Data Technician I Prince George's Community College >>> [EMAIL PROTECTED] Thursday, January 05, 2006 >>> At 03:32 PM 1/5/2006, Carl Houseman typed: >http://www.microsoft.com/technet/security/bulletin/advance.mspx > >It's available on Microsoft Update right now. Download at <http://www.microsoft.com/downloads/details.aspx?FamilyID=0c1b4c96-57ae-499e -b89b-215b7bb4d8e9&DisplayLang=en> ----------+---------- Wayne D. Johnson Ashland, OH, USA 44805 <http://www.wavijo.com> -- ---------------------------------------- To unsubscribe, mailto: [EMAIL PROTECTED] Is your picture included in the Official Win-Home List Members Profiles Page? http://www.besteffort.com/winhome/Profiles.html If not, write to: [EMAIL PROTECTED] -- ---------------------------------------- To unsubscribe, mailto: [EMAIL PROTECTED] Is your picture included in the Official Win-Home List Members Profiles Page? http://www.besteffort.com/winhome/Profiles.html If not, write to: [EMAIL PROTECTED]
