24.2 C
Guru Unix /Linux and GNU supporter

Microsoft Meltdown Patch Fatal Flaw – Work Ongoing

Meltdown and Spectre were the biggest inventions of the security flaws to date. They simply shook the world of cyber security to the roots. These are caused by hardware issues of the modern chipsets. Microsoft has released patches for these bugs, but the patches itself are in danger now.

Recently, a serious vulnerability has been found in the Microsoft patch for Meltdown. For a quick reminder, meltdown removes the barrier of memory and allows access to other apps’ memory locations unauthorized. You can check out the original nature of Meltdown here.

According to Alex Ionescu, a security researcher from cyber-security firm Crowdstrike, the patch allowed bypassing the security barrier and take the advantage of the chipset flaws for stealing information. Almost all the Microsoft Windows 10 versions are infected with the vulnerability, except the latest Windows 10 Redstone 4 (v1803). It seems like Microsoft has fixed the vulnerability in the latest update.

Old Windows 10 systems are still running the bypass-able patch for Meltdown. Instead of backporting the update faster, Microsoft has released another new update for the Windows Host Computer Service Shim (hcsshim) library flaw (CVE-2018-8155) that allowed a hacker execute remote code in the vulnerable system. The updated version of the “hcsshim” is available on GitHub.

How to Stay Secured

- Advertisement -

If you’re a Windows 10 user, make sure to update to the latest version – v1803. Microsoft is already working with the backport updates. According to our assumption, the patch may arrive in May 2018 Patch Tuesday, but it’s just a speculation.

- Advertisement -
Everything Linux, A.I, IT News, DataOps, Open Source and more delivered right to you.
"The best Linux newsletter on the web"


Please enter your comment!
Please enter your name here

Latest article