Software vulnerabilities to malicious code are well-known and represent significant threats to industry and personal computer use. One type of vulnerability is the corruption of an application's run-time stack in a way that overwrites return addresses to a location containing malicious code. For example, through code vulnerabilities, a malicious code vector may be introduced to allow an attacker to overwrite executable code values, such as return addresses or function/method pointers, with a value that causes the execution to be redirected to the attacker's malicious code. These are generically known as buffer overflow attacks. A specific type of overflow, known as a stack overflow, overwrites a return address stored on the stack. These types of attacks, which are at the user level, are responsible for billions of dollars in damages, and have been used to harm millions of users.
Another type of vulnerability concerns gaining illegal access to regions of memory outside a process's valid pages by modifying virtual address mappings in an operating system's page tables. Although less common that buffer overflow attacks, these types of attacks may result in greater damage, including corrupting the operating system.
The conventional way to prevent malicious code attacks is using security software, such as malware protection and antivirus products from companies such as McAfee, Norton, and Kaspersky. The products, while useful, are imperfect, and cannot prevent some vulnerabilities from being exploited by an attacker. In particular, each of these products work at the software level, and are designed to detect and remove or prevent access from known malicious code. As a result, it would be advantageous to provide an additional level of security to prevent malicious code attacks at the hardware level.