Actually, the new capability is to set execute permissions on a per-page basis in hardware. IA-32 already had an execute permission bit on segments. No 32-bit IA-32 OS that I know of uses a segmented model though, preferring a flat memory model, which means we only get read and write permissions in hardware.

Thanks to this minor oversight in the design of IA-32, we have gone a long time without the benefit of hardware execute protection. There are software kludges that try to work around this (like working around the 386 bug with page write protection), but a hardware solution will be more robust and speedy.

Score:4, Informative