Report: 'Meltdown' Patch Did More Harm than Good for Windows 7 -- Redmond Channel Partner

Bekker's Blog by Scott Bekker, Editor in Chief

Report: 'Meltdown' Patch Did More Harm than Good for Windows 7

Patches that were released in January to protect Windows 7 from the Meltdown flaw may have opened an even worse can of worms for the OS, according to one security researcher.

Ulf Frisk, a security researcher who specializes in direct memory access (DMA) attacks, described the problem this week in a blog post called "Total Meltdown?"

The January patch was intended to address the Meltdown flaw in Intel, IBM POWER and ARM-based processors that emerged in January and theoretically allows a rogue process to read all memory on a system.

"[The patch] stopped Meltdown but opened up a vulnerability way worse...It allowed any process to read the complete memory contents at gigabytes per second, oh -- it was possible to write to arbitrary memory as well," wrote Frisk, who is the author of the PCILeech memory access attack toolkit, and who described himself in a DEFCON 24 presentation in 2016 as a penetration tester specializing in online banking security and working in Stockholm, Sweden.

**[Click on image for larger view.]** Using his PCILeech tool, researcher Ulf Frisk demonstrates the speed of memory dumping from Windows 7 with the January patches at 4GB/s (left). The dump speed is slightly slower when dumping the memory to disk (right). (Image source: Ulf Frisk)

"No fancy exploits were needed. Windows 7 already did the hard work of mapping in the required memory into every running process. Exploitation was just a matter of read and write to already mapped in-process virtual memory. No fancy APIs or syscalls required -- just standard read and write," Frisk said.

The flaw does not affect Windows 10 or Windows 8, according to Frisk.

The problem appears to have been introduced by the Windows 7 patches released in January, during the industrywide scramble to address the Meltdown and related Spectre flaws whose existence was revealed slightly ahead of schedule. Some of the first-generation patches caused reboot and slowdown issues, among other problems.

Frisk said the subsequent March patch for Windows 7 fixed the flaw, and he discovered the problem after the March patch was released.

Posted by Scott Bekker on March 28, 2018

Free Webcast! Learn about Password Management Best Practices

Featured

2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.
Azure Edges Out AWS in MSP Survey, Disrupting Status Quo

Microsoft Azure has outpaced Amazon Web Services (AWS) in a key area of the MSP-focused channel.
Nerdio Aims To Simplify (and AI-ify) Windows 365 Management

Longtime Microsoft partner Nerdio is expanding its capabilities for managing Windows 365 with the launch of Nerdio Manager for Enterprise 7.0.
Microsoft Teams Up with UiPath to Advance AI-Driven Enterprise Automation

Microsoft and UiPath have announced a new collaboration focused on enterprise automation, unveiling a seamless integration between Microsoft Copilot Studio and UiPath Studio.

RCP Update

Email Address*Country*

Please type the letters/numbers you see above.

Bekker's Blog by Scott Bekker, Editor in Chief

Report: 'Meltdown' Patch Did More Harm than Good for Windows 7

Featured

2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

Azure Edges Out AWS in MSP Survey, Disrupting Status Quo

Nerdio Aims To Simplify (and AI-ify) Windows 365 Management

Microsoft Teams Up with UiPath to Advance AI-Driven Enterprise Automation

2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

Microsoft to Shut Down Skype Services

Meet 'The Evolvers': The Partner Masters

The Partner Case for Dogfooding AI

GTIA Steps Into the Channel Spotlight

2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

Microsoft to Shut Down Skype Services

Meet 'The Evolvers': The Partner Masters

The Partner Case for Dogfooding AI

GTIA Steps Into the Channel Spotlight

Partner Guides

Partner's Guide to the Windows Server 2008 Deadline

Partner's Guide to Office 365 Security Costs

Partner's Guide to UCaaS

Partner's Guide to Starter Workloads in Azure

Partner's Guide to Microsoft's Fiscal Year 2019

FREE WEBCASTS FROM OUR SPONSORS

Empower Your Clients with Azure Arc

Future-Proofing Tax Strategy Amid Global Challenges with Vertex O-Series Cloud

Tech Talk | What Keeps MSPs Up at Night? Addressing Key Risks and Building Resilience

Unlocking a New Era of Tax Automation within Microsoft Dynamics 365: Introducing Vertex's API-Based Tax Integration

FREE WHITE PAPERS FROM OUR SPONSORS

Unlock the benefits of Microsoft Azure partnership

How Retailers Can Overcome 7 Common Tax Compliance Challenges

Tax Challenges Affecting the Manufacturing Industry

Data Analytics Drive Supply Chain Optimization