Aardvark Daily
Web Servers Threatened by Intel Bug
Copyright © 1997 to Bruce Simpson, syndication rights available
Click on the Ad and support Aardvark
Remember - ads pay for content, click them!
10 Nov 1997

May thousands of Web servers all over the world may well be under threat from a new firmware bug found in the Intel Pentium processors.

The bug, consisting of an illegal instruction that causes the processor to freeze solid, regardless of what operating system is being used, was discovered last week and Intel are reported to be "investigating" the claims. Some reports indicate that all Pentium processors are vulnerable to the bug while others insist that only the original Pentium and Pentium MMX chips are affected.

The threat to the Net comes from the fact that a huge percentage of the Net's Web servers are based on Intel Pentium chips running either a flavour of Unix or Windows NT. When used for virtual hosting where CGI capabilities are offered, a malicious user could easily upload a small C program that would completely halt the server - effectively bringing down not only that user's site but all the others running on the same machine.

In the past, many ISPs have refused to offer CGI capabilities to their hosting clients for fear of such eventualities while others have offered a list of pre-installed CGI scripts of known origin and content.

Another option often used by Web-hosting providers is to only allow the use of Perl scripts. Being an interpreted language, Perl scripts can not generate the instruction that causes the problem.

Although much less likely to affect the average computer user, the severity of this bug could cause Intel to issue yet another very expensive recall of those processors fitted to publicly accessible systems such as Web servers.

Do you want to link to this page?

Don't Stop here!

Back to Aardvark Daily...