> One of the bugs is a branching instruction that may, or may not
> jump to the intended address +1.  For the moment it's being
> worked around in the compilers by putting a few NOP's at
> spots that require such branching. Since there may be such
> sets of NOP's in the code, a hacker might replace the NOP's
> with a jump code of their own in order to execute their virus
> code, then jump back to continue execution of the original
> program.

Bah, a hacker can put a jump to their code anywhere. The instruction they 
overwrote with their "jump" they just execute somewhere in their own code 
before returning.  Easiest way is to just overwrite another jump 
instruction, then jump to the location of that jump at the end of your virus 
code.  I don't think they need to specifically look out for NOPs to write 
over.

Post a reply to this message