Archive

Archive for January 2010

CVE-2010-0249 IE-Exploit

January 16, 2010 Hori No comments yet

http://www.avertlabs.com/research/blog/index.php/2010/01/14/more-details-on-operation-aurora/

JavaScript code exploited a zero-day vulnerability in Internet Explorer: the Microsoft Internet Explorer DOM Operation Memory Corruption Vulnerability. Microsoft has released Security Advisory (979352) for this vulnerability (CVE-2010-0249).

http://extraexploit.blogspot.com/2010/01/iexplorer-0day-cve-2010-0249.html

Microsoft confirms IE zero-day behind Google attack

http://www.networkworld.com/news/2010/011510-microsoft-confirms-ie-zero-day-behind.html

Vulnerability in Internet Explorer Could Allow Remote Code Execution

http://www.microsoft.com/technet/security/advisory/979352.mspx

Categories: Exploits

BSWAP + 66h prefix (bochs, QEMU detection)

January 6, 2010 Hori No comments yet

https://www.openrce.org/blog/view/1532/BSWAP_+_66h_prefix_%28bochs,_QEMU_detection%29

http://gynvael.coldwind.pl/?id=268

The bswap reg16 instruction is in fact a bswap reg32 with the 66h prefix, also known as the operand-size override prefix (it switches the operands between 32 and 16 bits, where 32 is the default in PMODE of course). As one can read in the Intel manuals, using bswap with the 66h prefix will result in undefined behavior.


Categories: Malware Research