Subject: Re: Pentium Bug may cause system crash
To: Andrew Gillham <>
From: Bill Sommerfeld <>
List: current-users
Date: 11/12/1997 14:03:16
> If their patch just looks through the code for '0xf0, 0x0f, 0xc7, 0xc8' 
> when exec()'ing, then what stops the malicious from reassembling the
> sequence at runtime?

A description of the files touched by the patch was sent to bugtraq;
it claimed that only machdep.o and locore.o were touched, which
suggests to me that something subtler and more effective than a
brute-force search for the instruction pattern at exec time was done..