UPDATED 23:22 EDT / MARCH 28 2018


Microsoft Meltdown patch introduced new vulnerability to Windows installs

Microsoft Corp.’s attempts to address the Meltdown vulnerability in Intel Corp. central processing units have opened a new vulnerability in some versions of Windows, at least according to one researcher.

The claim comes from Ulf Frisk, a security researcher based in Sweden, who wrote Tuesday that the patches released for Windows 7 x64 and Windows Server 2008 in January and February did protect against Meltdown but “opened up a vulnerability way worse” that could allow “any process to read the complete memory contents at gigabytes per second … [and] write to arbitrary memory as well.”

Explaining the technicalities of the introduced vulnerability in the patches, Frisk said that “the User/Supervisor permission bit was set to User in the PML4 self-referencing entry. This made the page tables available to user mode code in every process. The page tables should normally only be accessible by the kernel itself…. once read/write access has been gained to the page tables it will be trivially easy to gain access to the complete physical memory, unless it is additionally protected by Extended Page Tables used for virtualization. All one has to do is to write their own Page Table Entries into the page tables to access arbitrary physical memory.”
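The condition Frisk describes can be checked in a copy of a PML4 table taken from a memory image. The following C code is an added example, not code from Frisk or Microsoft: it finds the entry that points back at the table's own physical frame and reports whether its User/Supervisor bit is set. It assumes the standard x86-64 entry layout (bit 0 present, bit 2 U/S, bits 12 to 51 physical address); the function names, the sample physical address and the sample slot are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define PTE_PRESENT   (1ULL << 0)            /* P: entry is valid */
#define PTE_USER      (1ULL << 2)            /* U/S: 1 = user, 0 = supervisor */
#define PTE_ADDR_MASK 0x000FFFFFFFFFF000ULL  /* physical frame, bits 12..51 */
#define PML4_ENTRIES  512

enum selfref_state { SELFREF_NONE, SELFREF_SUPERVISOR, SELFREF_USER_EXPOSED };

/* Scan a PML4 (copied from a memory image) for a present entry that points
 * back at the PML4's own physical frame, and classify its U/S bit. */
enum selfref_state audit_pml4(const uint64_t *pml4, uint64_t pml4_phys, int *slot)
{
    for (int i = 0; i < PML4_ENTRIES; i++) {
        uint64_t e = pml4[i];
        if (!(e & PTE_PRESENT))
            continue;                         /* unused slot */
        if ((e & PTE_ADDR_MASK) != (pml4_phys & PTE_ADDR_MASK))
            continue;                         /* points at some other table */
        if (slot)
            *slot = i;
        return (e & PTE_USER) ? SELFREF_USER_EXPOSED : SELFREF_SUPERVISOR;
    }
    return SELFREF_NONE;
}

/* Constructed sample: a PML4 at a made-up physical address with one
 * self-referencing entry in a made-up slot, using the given flag bits. */
#define SAMPLE_PHYS 0x0000000000187000ULL
#define SAMPLE_SLOT 300

enum selfref_state audit_sample(uint64_t flags, int *slot)
{
    uint64_t pml4[PML4_ENTRIES] = {0};
    pml4[0] = 0x0000000000200000ULL | 0x67;   /* ordinary user-space mapping */
    pml4[SAMPLE_SLOT] = SAMPLE_PHYS | flags;  /* the self-reference */
    return audit_pml4(pml4, SAMPLE_PHYS, slot);
}

int main(void)
{
    static const char *names[] = { "none", "supervisor-only", "USER-ACCESSIBLE" };
    int slot = -1;
    printf("flags 0x63: %s\n", names[audit_sample(0x63, &slot)]);
    printf("flags 0x67: %s (slot %d)\n", names[audit_sample(0x67, &slot)], slot);
    return 0;
}
```

The two flag values differ only in bit 2: 0x63 is the supervisor-only state the page tables should have, and 0x67 is the user-accessible state the quote describes.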

The issue only affects systems where patches were applied in January and February, and not the March “Patch Tuesday” release. “Microsoft is aware of this and looking into the matter further,” the company said in a statement. “This issue impacts Win7 SP1 (x64 only) and Server 2008R2 SP1 (x64 only). We are actively testing a solution, and will make it available as soon as it is properly validated.”

Mounir Hahad, head of Juniper Threat Labs at Juniper Networks Inc., said the introduced vulnerability highlights issues with patches being released without proper testing.

“The rush to quickly close vulnerabilities is often a treacherous path that can cause undesirable side-effects,” Hahad said. “The urgency is to respond to known issues in a timely manner. It is not unheard of that some new glitches are introduced with fixes. The good news in this case is that … any system up-to-date with March patches is no longer vulnerable.”
