Windows 7 Meltdown Patch Reportedly Creates Major Vulnerability

Windows 7 featured

Microsoft started releasing its Spectre and Meltdown patches at the beginning of 2018 and the company was considerate enough to release patches for Windows 7 and Windows 8.1, which still have a large user base. However, the Meltdown patch for Windows 7 reportedly introduced a major vulnerability which granted access to all data in user memory.

According to security researcher Ulf Frisk, Microsoft’s update to patch the Meltdown processor flaw on Windows 7 (64-bit) and Windows Server 2008 R2 granted any process or application to access everything stored in memory “at gigabytes per second.” The new vulnerability also allowed processes to write to arbitrary memory without using any “fancy exploits”.

Windows 7 Meltdown Patch Reportedly Creates Major Vulnerability

 

In his report regarding the matter, Frisk wrote:

“Windows 7 already did the hard work of mapping in the required memory into every running process…Exploitation was just a matter of read and write to already mapped in-process virtual memory. No fancy APIs or system calls required – just standard read and write!”.

Frisk further explained that Microsoft’s Meltdown patches allowed all processes and applications to access all the data stored in memory, which also included data meant to be used by the operating system. “Once read/write access has been gained to the page tables it will be trivially easy to gain access to the complete physical memory, unless it is additionally protected by Extended Page Tables (EPTs) used for Virtualization,” Frisk explained. “All one has to do is to write their own Page Table Entries (PTEs) into the page tables to access arbitrary physical memory.”

However, Microsoft has since patched the vulnerability and if you’re on March 13 patch on Windows 7 or Windows Server 2008 R2, then you’re protected from the exploit. In case you haven’t updated the the March 13 patch yet, it is advised that you install the patch right away to protect your data from being accessed by third-party applications.

Comments 0
Leave a Reply

Loading comments...