Microsoft’s Meltdown Patch Brought Severe Vulnerability – Total Meltdown

Mar 31, 2018360TS

Microsoft recently issued a security update for Windows 7 and Windows Server 2008 R2 to fix the security issue within the Meltdown Patch of Microsoft released on January and February.

This flaw in Microsoft’s Meltdown patch, named Total Meltdown, was exposed by a Swedish security expert earlier this week and allows attackers to arbitrarily access kernel memory.

What’s Meltdown

Earlier this year, Meltdown and Spectre were found to be the most severe vulnerability that exists on almost every CPU on earth. By abusing the speculative execution feature of modern CPU design, these exploits allow attackers to read memory where most critical user data, such as your document and account passwords, resides.

On 2018-01-03 and 2018-02-13, Microsoft released KB4056897 and KB4074587 to mitigate the CPU vulnerabilities via Windows Operating System and 360 Center also released the first CPU vulnerability assessment tool.

How Total Meltdown affects your computer

According to the research who found the flaw, the patch which was supposed to block the CPU security holes implanted another breach to 64bit windows 7 and Windows Server 2008 R2.

Kernel memory on operating system are where high privilege tasks of the system are run, and tasks running there can access the memories of all applications. This means most users’ data can be stolen once the kernel memory is compromised.

By wrongly setting of the privilege of kernel memory, PML4, to User-Mode-Readable, any user mode application, including malicious ones, can gain free access to the kernel memory.

Apply Patch Soon

On 2018-03-13, Microsoft has issued KB4088878 to address the issue. 360 Security Center urges user to apply the fix as soon as possible:

  1. Users of 360 Total Security can get the update via PatchUp feature. Download 360 Total Security
  2. Alternatively, user can download the patch from Microsoft.com. Download KB4088878