
Microsoft’s initial Meltdown patch has opened up a worse security risk

Back in January, Microsoft attempted to smooth over Intel’s buggy Meltdown fixes by issuing a patch of its own. Unfortunately, it seems that the Windows-maker has also dropped the ball on its patch, causing an even greater security hole in the process.

It was obvious from the reveal of Spectre and Meltdown’s scale that Intel would need help fixing and distributing its own patches to solve the many security flaws embedded into its processors. The efforts from Microsoft have been impeccable across this period, helping Intel distribute its own fixes and implementing a bug bounty program to help mop up potential remaining flaws that have yet to be discovered.

Security researcher Ulf Frisk, however, has come across a problem with Microsoft’s initial patch intended to fix both 64-bit Windows 7 and Server 2008 R2 systems. While it did dampen the issues caused by Meltdown, it simultaneously opened up a vulnerability that Frisk describes as “way worse … It allowed any process to read the complete memory contents at gigabytes per second, oh – it was possible to write to arbitrary memory as well.”

“No fancy exploits were needed. Windows 7 already did the hard work of mapping in the required memory into every running process,” continues Frisk. “Exploitation was just a matter of read and write to already mapped in-process virtual memory. No fancy APIs or syscalls required – just standard read and write!”

This was made possible because the patch set the User/Supervisor permission bit to User in the PML4 self-referencing entry, making the page tables themselves readable and writable from user mode. “The page tables should normally only be accessible by the kernel itself,” says Frisk.
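To make the misconfiguration concrete, the following added example (not from the article or from Frisk's research) decodes x86-64 PML4 entries and flags a self-referencing entry whose U/S bit is set to User, the kind of check a page-table integrity scan would perform. The CR3 value, table contents and self-reference index are constructed for the demo.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Bit layout of an x86-64 PML4 entry (Intel SDM Vol. 3, paging chapter). */
#define PTE_PRESENT   (1ULL << 0)
#define PTE_RW        (1ULL << 1)
#define PTE_US        (1ULL << 2)   /* 0 = supervisor only, 1 = user accessible */
#define PTE_NX        (1ULL << 63)
#define PTE_ADDR_MASK 0x000FFFFFFFFFF000ULL /* bits 12..51: page-frame address */

#define PML4_ENTRIES 512

/* Physical address of the next-level table this entry points at. */
static inline uint64_t pte_addr(uint64_t e) { return e & PTE_ADDR_MASK; }

/* A self-referencing entry points back at the PML4 page itself (CR3 holds
 * that page's physical address), so walking through it lands in the page
 * tables rather than in ordinary memory. */
static bool is_self_ref(uint64_t e, uint64_t cr3)
{
    return (e & PTE_PRESENT) && pte_addr(e) == (cr3 & PTE_ADDR_MASK);
}

/* Scan a PML4 for a self-referencing entry whose U/S bit is User, i.e. the
 * condition the article describes.  Returns the index of the first
 * offending entry, or -1 if every self-reference is supervisor-only. */
int find_user_accessible_self_ref(const uint64_t pml4[PML4_ENTRIES], uint64_t cr3)
{
    for (int i = 0; i < PML4_ENTRIES; i++)
        if (is_self_ref(pml4[i], cr3) && (pml4[i] & PTE_US))
            return i;
    return -1;
}

/* Constructed sample PML4 (not captured from a real system): one user
 * mapping, one kernel mapping, and a self-reference at self_idx whose U/S
 * bit is controlled by user_self_ref. */
void build_sample_pml4(uint64_t pml4[PML4_ENTRIES], uint64_t cr3,
                       int self_idx, bool user_self_ref)
{
    for (int i = 0; i < PML4_ENTRIES; i++) pml4[i] = 0;         /* not present */
    pml4[0]        = 0x2000ULL | PTE_PRESENT | PTE_RW | PTE_US; /* user space */
    pml4[256]      = 0x3000ULL | PTE_PRESENT | PTE_RW;          /* kernel space */
    pml4[self_idx] = (cr3 & PTE_ADDR_MASK) | PTE_PRESENT | PTE_RW | PTE_NX
                   | (user_self_ref ? PTE_US : 0);
}

int main(void)
{
    uint64_t pml4[PML4_ENTRIES];
    const uint64_t cr3 = 0x1AB000ULL;           /* constructed PML4 address */
    build_sample_pml4(pml4, cr3, 0x1ED, true);  /* misconfigured table */
    int idx = find_user_accessible_self_ref(pml4, cr3);
    printf("user-accessible self-reference at index %d\n", idx);
    return idx < 0 ? 0 : 1;
}
```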

Luckily, this isn’t a widespread issue, affecting just 64-bit Windows 7 and Server 2008 R2 machines. Users on Windows 8.1 or 10 needn’t worry about the issue. Microsoft has yet to comment on the issue, meaning there is no timeframe on a fix.

KitGuru Says: I can’t claim to know how difficult it must be to fix an issue by sifting through thousands upon thousands of lines of code, but it is shocking how such issues can go unaddressed since January. And with it only affecting aging systems, it is uncertain as to what Microsoft’s response is going to be.  
