Slashdot Mirror


Microsoft's 'Meltdown' Patch For Windows 10 Contains a Fatal Flaw (bleepingcomputer.com)

An anonymous reader quotes BleepingComputer: Microsoft's patches for the Meltdown vulnerability have had a fatal flaw all these past months, according to Alex Ionescu, a security researcher with cyber-security firm Crowdstrike. Only patches for Windows 10 versions were affected, the researcher wrote today in a tweet. Microsoft quietly fixed the issue on Windows 10 Redstone 4 (v1803), also known as the April 2018 Update, released on Monday.

"Welp, it turns out the Meltdown patches for Windows 10 had a fatal flaw: calling NtCallEnclave returned back to user space with the full kernel page table directory, completely undermining the mitigation," Ionescu wrote. Ionescu pointed out that older versions of Windows 10 are still running with outdated and bypass-able Meltdown patches.

Wednesday Microsoft issued a security update, but it wasn't to backport the "fixed" Meltdown patches for older Windows 10 versions. Instead, the emergency update fixed a vulnerability in the Windows Host Compute Service Shim (hcsshim) library (CVE-2018-8115) that allows an attacker to remotely execute code on vulnerable systems.

17 of 106 comments

  1. Worse than containing a potential flaw... by greenwow · · Score: 2

    too many of our servers, desktops, and laptops will no longer boot after installing Meltdown/Spectre fixes. The usual symptom is that they show the Windows loading screen then a blank screen.

    1. Re:Worse than containing a potential flaw... by Anonymous Coward · · Score: 2, Funny

      Impenetrably secure! Consider that Meltdown problem fixed!

    2. Re:Worse than containing a potential flaw... by Anonymous Coward · · Score: 5, Informative

      I think Microsoft views disabling servers as less worse than leaving them with a security problem. Just sucks for us since my company's web site is down after applying new Microsoft updates. I'm probably going to lose my job over this which sucks, but I did put in writing in an email that our staging systems wouldn't boot after installing the latest Windows updates.

    3. Re:Worse than containing a potential flaw... by gweihir · · Score: 4, Insightful

      The thing that really surprises me is that MS is not getting any better at producing software. This is still the same incompetence that could routinely be observed back when MSDOS got patched. They blunder and bumble and mess up, and they still have the by far largest market-share on the desktop and a significant one on the server. Are their customers really this fundamentally stupid?

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.

    4. Re:Worse than containing a potential flaw... by Anonymous Coward · · Score: 2, Insightful

      Switch to a real operating system? Fedora works fantastically well on my Precision 7510.

  2. Windows and "free to play" by stikves · · Score: 4, Insightful

    The Windows 10 update system feels like "free to play" games, where they actually make you pay more than what you would have paid outright if you made an upfront purchase.

    While I like some of the new features (Linux support, more responsive UI, remote Xbox streaming, etc), they make sure unwanted cruft comes with it, since you can no longer choose to include or not include many components. Also they took away the excellent Windows Media Center which still has no free alternative.

    It is now too late, but I wish we stayed with the Windows 7 model, where a purchase meant a purchase not a subscription.

    1. Re:Windows and "free to play" by Anonymous Coward · · Score: 3, Insightful

      It is now too late, but I wish we stayed with the Windows 7 model, where a purchase meant a purchase not a subscription.

      One word of advice: "Linux".

    2. Re:Windows and "free to play" by Dutch+Gun · · Score: 4, Informative

      I wish we stayed with the Windows 7 model, where a purchase meant a purchase not a subscription.

      I haven't yet seen a monthly bill for my copy of Windows. People keep mistaking the new Windows model as some radical departure, which it really is not. All it means is that Microsoft is doing away with UPGRADE purchases. You're still required to purchase a new copy of Windows if you buy a new computer.

      You get a license for the lifetime of the computer, not your lifetime. So, it's really not as different in reality as "the last version of Windows" sounds. I think Microsoft just realized that most consumers didn't purchase upgrades anyhow (only "upgrading" when a new computer was purchased), and maintaining several OS lines at the same time was a pain, so in reality, it's more of a cost-saving measure for them by simply keeping everyone on the same branch of Windows.

      --
      Irony: Agile development has too much inertia to be abandoned now.

    3. Re:Windows and "free to play" by gweihir · · Score: 3, Informative

      Indeed. As to playing media, VLC works pretty well, I don't think I have used the WMC in years. (I am still on Win 7 and preparing to move everything except gaming to Linux when Win10 cannot be avoided anymore...)

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.

    4. Re:Windows and "free to play" by thegarbz · · Score: 2

      W10 is touted as the Most secure version ever, and they cannot fix a critical flaw

      In their defence, OS level attacks on Windows 10 are very rare, and this critical flaw they cannot fix hasn't actually caused any grief to the point where across most OSes there are a large number of people who either purposely didn't apply the fix or disabled the fix to gain a speed improvement.

      Not all critical flaws are critical to all people.

    5. Re: Windows and "free to play" by gweihir · · Score: 2

      Not for me, restricting gaming to Linux cuts too many things I want to play. I expect that with Vulkan things will get better over the next 10 years or so. Having a "secure" system and one where there is minimal personal data, no email, no web-surfing, etc. for gaming was a longer-term plan of mine anyways and properly restricted, Win10 becomes an acceptable risk for the moment, I think.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.

  3. Two similar errors on two different versions by klingens · · Score: 4, Interesting

    First they totally fscked up the Windows 7/Server 2008 Meltdown "fix" allowing every user program to access any RAM area they wanted
    https://www.theregister.co.uk/...
    And now again they fsck it all up in another version as well by returning the data the patch was supposed to not return. But the way they did fsck it up was totally different than the Windows 7 way. They have so many fuckups, they create different ones for each OS version, 'cause one fuckup is not enough. Code reuse with audited, well written code would be too easy for two OS kernels that are so much the same obviously. No, 7 and 10 are not different. Still the same kernel where even many drivers work fine the same.

    These clowns are too stupid to write any OS for more than a non-programmable calculator.

    1. Re:Two similar errors on two different versions by gweihir · · Score: 2

      You trust MS to code for a simple pocket calculator? Don't you know that Excel has been calculating wrongly for decades? Now, the real problem with MS is that everybody else keeps getting better, but MS just keeps getting richer. Which also means that the actual real problem here is the customer. MS has proven to be incapable and incompetent time and again, but people just continue to use and buy their trash.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.

    2. Re:Two similar errors on two different versions by thegarbz · · Score: 2

      These clowns are too stupid to write any OS for more than a non-programmable calculator.

      Or maybe this is a fundamentally hard problem to fix depending on how the entire system is designed. Linux got lucky with their solution to the problem as it nicely piggybacked on work that has been ongoing since 2005 > ASLR then KASLR 4 years ago. Windows 10 was the first MS OS to even experiment with ASLR on the kernel and it had its fair share of bugs so they didn't have a neat and easy foundation for KPTI.

      Unlike other OSes (i.e. Linux) which only rolled out the fix to the most recent kernel and the LTS kernel, MS backported it to a variety of OSes, each with significant differences in the way kernel memory is managed.

      So by all means, step up and show how it's done.

  4. Too many versions of Windows 10 by xack · · Score: 2

    And not enough time to test them properly. Microsoft should just support one version of Windows 10, getting rid of superfluous versions like 10S and take the LTSB version and just support that without the six monthly "Windows as a service" updates.

  5. Re:5 months later still the same by Anonymous Coward · · Score: 3, Funny

    What does Microsoft pay its engineers for exactly?

    They write the code; you test it.

  6. Microsoft's downfall began... by Kaenneth · · Score: 4, Informative

    Microsoft's downfall began when they fired most of their QA staff.

    Everything has gone to shit since.

    http://www.businessinsider.com...

    Satya Nadella has fucked things up, but it's not too late to fire him.