The only thing that’s worse than not installing the latest security patch for your insecure computer is installing a fix that ends up opening new loopholes. This might sound like fiction, but it’s reality in case of Meltdown patches released for Windows 7.
As per Swedish security researcher Ulf Frisk, Microsoft’s Meltdown patch from January took care of the issue but ended up opening a new flaw. It allowed any process to read the complete kernel memory at speeds as high as gigabytes per second.
For those who don’t know, Frisk is a notable researcher who previously pointed out the flaws in Apple FileVault disk encryption.
Coming back to Windows 7, the attacker doesn’t even need to make use of any fancy exploits; Windows 7’s standard read and write to in-process virtual memory is enough.
But how did this screw-up occurred in the first place? It happened due to a single bit set by the kernel in a CPU page table entry. As a result, the permission was flipped from supervisor-only to any-user.
The researcher has also developed a proof-of-concept to show the same in action. You can find all the technical details and code to test this flaw here on Frisk’s blog.
Is my Windows 7 PC vulnerable?
This issue affects the Windows 7 x64 PCs with January and February patches. The issue has been silently patched by Microsoft in March Patch Tuesday update. So, make sure to install it and secure your system.