Windows 7: Can an update make the system more vulnerable?

Microsoft Updates to Meltdown (CVE-2017-5754) seem to have accidentally left users using systems exposed 7 64-bit. Τα συγκεκριμένα συστήματα φέρεται να είναι ευπαθή πολύ περισσότερο από ότι ήταν πριν την , according a researcher.

Let's remind that Meltdown is a hardware vulnerability that proved almost simultaneously by several groups of researchers.

Windows 7

The vulnerability allows an attacker to access the contents of kernel memory in passwords and encryption keys, that is, from a part used by routine applications.

So Microsoft and many other companies tried to fix the vulnerability by updating operating systems (except for BIOS updates from manufacturers). So we saw two different updates for Windows in January and February.

But according to Ulf Frisk, something went wrong right from the first update που κυκλοφόρησε τον Ιανουάριο, όταν εγκαταστάθηκε σε συστήματα με Windows 7 και R2. The update skipped some control permissions for something called Page Map Level 4 (PML4).

What is this;

Είναι ένας πίνακας που χρησιμοποιείται από τους μικροεπεξεργαστές της Intel για να μεταφράσει τις εικονικές διευθύνσεις μιας διεργασίας σε διευθύνσεις ς μνήμης στη μνήμη RAM.

However, only the kernel must have access to this table. Because if things do not happen, they are very simple for every attacker.

No clever exploits will be needed, since Windows 7 does all the hard work of mapping the required memory to each running process. The exploit is simply a matter of reading and writing to an already mapped one in operation. No complicated APIs or syscalls required.

According to Frisk, the update was released on March Microsoft has fixed the problem on Windows 10, 8, and 7 32bit. This means that Windows 7 x64 systems that receive only the January and / or February updates are still affected.

Seeing systems more vulnerable (than they were before) after an update it's something we don't come across often.

First there was an update on the flaw, which created a new and distinct defect, which required a new solution for repair.

But to be fair, Microsoft may have written the buggy code, but it was trying to cover completely security flaws that originated in the way hardware was designed two decades ago.

Following the above, we must once again emphasize the importance of immediately implementing any new updates.
OK with Microsoft good will be to wait a few days, especially in production systems. The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new posts by email.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).