Mon Mar 25 14:06:20 CST 2002

> > Even if you did this, it probably wouldn't help much, as the
> > interrupt routine is supposed to be executed in ring 0 (which
> > presumably is the very *reason* the program does this nonsense).
> Does that mean that a win95/98 app can execute arbitrary ring 0 code by using 
> this method ?

Yes, by this or any of a couple of other methods ...

Did anybody claim Win9x had kernel/user space separation? ;-)


