Intel has announced that help is on the way for those vulnerable to the Pentium FO bug, which first surfaced one week ago today. The company posted an advisory on its Web site noting that it has identified a workaround which can be implemented at the operating system level with "hardware simulation."
"It prevents the system from being frozen by the invalid instruction," said Intel spokesman Tom Waldrop. "It does this by modifying the execution flow to avoid the system hang after the invalid instruction is received."
Waldrop said Intel is working very closely with OS vendors to ship the workaround "in an accelerated manner" for all systems.
The Pentium FO bug, referred to by Intel as the "Invalid Instruction Erratum," consists of a few lines of machine code that, when executed, will crash a Pentium-based machine. The code does this by executing an invalid operation - basically, by trying to fit a 64-bit value into a 32-bit register - while simultaneously shutting off the normal error-handling functions built into the system. With error handling locked out, the machine hangs.
The new workaround heads off this sequence with "hardware simulation" within the OS. Intel engineers proposed a solution to OS vendors earlier this week, and Berkeley Software Design Inc. was first to post a beta version of a patch, on Tuesday, for its BSD/OS 2.1, 3.0, and 3.1.
"[The workaround] changes the interrupt set-up so that things don't go down the rathole," said Mike Karels, Berkeley Software Design's VP of engineering. "The OS has to do a little simulation with certain exceptions on what the hardware would normally have done."
Shortly after Berkeley's patch was posted, the Linux community reverse engineered it, wrote its own version, then posted the source code to mailing lists. Others, including Microsoft, are expected to follow suit shortly.
Microsoft is examining the workaround but does not yet have a patch available for Windows. "We are working with Intel to understand the implication of a potential workaround, but we don't have anything to announce," said Stacey Breyfogle, product manager for Windows desktop.
"In the end, Intel got off easily," said security consultant Elias Levy in an email. "They were able to find a software solution that did not require them to replace thousands of Pentium CPUs or to provide a microcode patch. They must be very happy."
Intel is generally receiving praise among newsgroup posters and vendors for its handling of the problem. "They found a workaround very quickly, they got the information out quickly, and they have been in very close contact with us all week," said Berkeley's Karels.
The Pentium FO bug is of primary concern on timeshare systems, such as those at ISPs and universities, in which a malicious user would have the authority to execute binary code. Since the offending code is not in commercial software, it is not really a threat to home users. The bug does not affect Pentium Pro or Pentium II processors.