

Microsoft Corp.’s attempts to address the Meltdown vulnerability in Intel Corp. computer processing units have opened a new vulnerability in some versions of Windows, at least according to one researcher.
The claim comes from Ulf Frisk, a security researcher based in Sweden, who wrote Tuesday that the patches released for Windows 7 x64 and Windows Server 2008 in January and February did protect against Meltdown but “opened up a vulnerability way worse” that could allow “any process to read the complete memory contents at gigabytes per second … [and] write to arbitrary memory as well.”
Explaining the technical details of the vulnerability the patches introduced, Frisk said that “the User/Supervisor permission bit was set to User in the PML4 self-referencing entry. This made the page tables available to user mode code in every process. The page tables should normally only be accessible by the kernel itself…. once read/write access has been gained to the page tables it will be trivially easy to gain access to the complete physical memory, unless it is additionally protected by Extended Page Tables used for virtualization. All one has to do is to write their own Page Table Entries into the page tables to access arbitrary physical memory.”
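The condition Frisk describes can be checked on a captured copy of a PML4 table, for instance one extracted from a memory image during forensic analysis. The C sketch below is an added example, not code from Frisk or Microsoft; the table contents, the physical address 0x187000 and slot 300 are constructed sample values, and the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

#define PML4_ENTRIES 512
#define PTE_PRESENT  (1ULL << 0)            /* P: entry is valid */
#define PTE_WRITE    (1ULL << 1)            /* R/W: writable */
#define PTE_USER     (1ULL << 2)            /* U/S: 1 = user mode may access */
#define PTE_FRAME    0x000FFFFFFFFFF000ULL  /* bits 12..51: physical frame */

/* Return the slot whose frame points back at the PML4 itself, or -1. */
int find_self_ref(const uint64_t *pml4, uint64_t pml4_phys)
{
    for (int i = 0; i < PML4_ENTRIES; i++)
        if ((pml4[i] & PTE_PRESENT) && (pml4[i] & PTE_FRAME) == pml4_phys)
            return i;
    return -1;
}

/* 1 = self-map reachable from user mode (the flaw described above),
 * 0 = supervisor only (expected state), -1 = no self-referencing entry.
 * Through the self-map the same entry is walked at every paging level,
 * so this single U/S bit decides whether the page tables are exposed. */
int self_map_exposed(const uint64_t *pml4, uint64_t pml4_phys)
{
    int slot = find_self_ref(pml4, pml4_phys);
    if (slot < 0)
        return -1;
    return (pml4[slot] & PTE_USER) ? 1 : 0;
}

/* Fill a constructed sample table: one ordinary user mapping plus a self-map. */
void build_sample(uint64_t *pml4, uint64_t pml4_phys, int slot, int user)
{
    for (int i = 0; i < PML4_ENTRIES; i++)
        pml4[i] = 0;
    pml4[0] = 0x12345000ULL | PTE_PRESENT | PTE_WRITE | PTE_USER;
    pml4[slot] = pml4_phys | PTE_PRESENT | PTE_WRITE | (user ? PTE_USER : 0);
}

int main(void)
{
    static uint64_t table[PML4_ENTRIES];
    const uint64_t phys = 0x187000ULL;      /* constructed table address */

    build_sample(table, phys, 300, 1);      /* state after the flawed patch */
    printf("flawed:   slot %d exposed=%d\n", find_self_ref(table, phys), self_map_exposed(table, phys));
    build_sample(table, phys, 300, 0);      /* expected supervisor-only state */
    printf("expected: slot %d exposed=%d\n", find_self_ref(table, phys), self_map_exposed(table, phys));
    return 0;
}
```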
The issue only affects systems where patches were applied in January and February, and not the March “Patch Tuesday” release. “Microsoft is aware of this and looking into the matter further,” the company said in a statement. “This issue impacts Win7 SP1 (x64 only) and Server 2008R2 SP1 (x64 only). We are actively testing a solution, and will make it available as soon as it is properly validated.”
Mounir Hahad, head of Juniper Threat Labs at Juniper Networks Inc., said the introduced vulnerability highlights issues with patches being released without proper testing.
“The rush to quickly close vulnerabilities is often a treacherous path that can cause undesirable side-effects,” Hahad said. “The urgency is to respond to known issues in a timely manner. It is not unheard of that some new glitches are introduced with fixes. The good news in this case is that … any system up-to-date with March patches is no longer vulnerable.”