Cyber Security

Windows 7 PCs more vulnerable due to Microsoft’s own patch for Meltdown

If you haven’t heard of the Meltdown and Spectre vulnerabilities, these are security flaws discovered by researchers earlier this year found in computer processors from all manufacturers: Intel, ARM, and AMD, which means all current and previous generations of PCs, servers, and mobile phones are vulnerable to data theft.
It became even worse on the Windows 7 operating system as Microsoft’s latest patch somehow made any unprivileged, user-level application to read content from and even write data on the operating system’s kernel memory.

A independent Swedish security researcher, Ulf Frisk discovered that Microsoft’s security patches for the Meltdown flaw on Windows 7  operating system- which allowed attackers to exploit the kernel memory by reading it at a speed of 120 KBps—is now allowing attackers to exploit the same kernel memory at a speed of Gbps, making the issue practically much worse on all 64 bit variants of Windows 7 and Windows Server 2008 R2.

To prove this claim, Frisk published a detailed breakdown and a proof-of-concept exploit.

Frisk said he did not find any links between the new vulnerability to anything on the current public list of Common Vulnerabilities and Exposures and he is inviting other researchers to test the flaw using an exploit kit he released on GitHub.

Microsoft sends out patches every second Tuesday of the month and they have included patches for this issue this month. With all of this, admins and users of Windows 7 and Windows 2008 R2 are advised to update their systems as soon as possible.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.