Pentium CPU Can Crash NT

Reported November 15, 1997 by x86.org

Systems Affected

Any systems using the following processors:

- Pentium processor
- Pentium processor with MMX technology
- Pentium OverDrive processor
- Pentium OverDrive processors with MMX technology

Description

Intel lists the bug as "Invalid Operand with Locked CMPXCHG8B Instruction", with erratum number 81 on the Pentium processor errata list. Go to their site to learn more: http://support.intel.com/sites/support

Demonstration Code:

Microsoft"s Response:

From Knowledge Base article Q163852 :

Intel has identified a workaround to this problem that allows the operating system to trap the invalid instruction and not pass it to the processor. Microsoft has worked closely with Intel to provide the following hotfixes:

Windows NT 4.0

To resolve this problem for Windows NT 4.0, obtain the hotfix or wait for the next Windows NT service pack.

This files in the fix should have following time stamps:

11/24/97 12:24p 51,968 Hal.dll
11/24/97 12:24p 48,384 Hal486c.dll
11/24/97 12:25p 66,400 Halapic.dll
11/24/97 12:24p 46,112 Halast.dll
11/24/97 12:25p 82,208 Halcbus.dll
11/24/97 12:25p 80,320 Halcbusm.dll
11/24/97 12:24p 46,400 Halmca.dll
11/24/97 12:25p 68,544 Halmps.dll
11/24/97 12:25p 67,552 Halmpsm.dll
11/24/97 12:26p 79,008 Halncr.dll
11/24/97 12:25p 40,192 Haloli.dll
11/24/97 12:25p 56,608 Halsp.dll
11/24/97 12:25p 40,768 Halwyse7.dll
11/20/97 06:23p 938,816 Ntkrnlmp.exe
11/20/97 06:22p 918,848 Ntoskrnl.exe

Windows NT 3.51

To resolve this problem for Windows NT 3.51, obtain the hotfix, which should have the following time stampts on the files:

11/24/97 12:42p 49,840 Hal.dll
11/24/97 12:42p 48,768 Hal486c.dll
11/24/97 12:42p 65,648 Halapic.dll
11/24/97 12:42p 46,704 Halast.dll
11/24/97 12:42p 81,056 Halcbus.dll
11/24/97 12:42p 79,200 Halcbusm.dll
11/24/97 12:42p 46,912 Halmca.dll
11/24/97 12:42p 67,696 Halmps.dll
11/24/97 12:42p 40,480 Haloli.dll
11/24/97 12:42p 53,744 Halsp.dll
11/24/97 12:42p 49,840 Halws3.dll
11/24/97 12:42p 41,072 Halwyse7.dll
11/21/97 01:35p 821,904 Ntkrnlmp.exe
11/21/97 01:34p 810,016 Ntoskrnl.exe

Windows 95

A fix for Windows 95 is not yet available.

To learn more about new NT security concerns, subscribe to NTSD.

Credit:
Reported by: x86.org
Posted here at NTSecurity.Net February 15, 1997