Microsoft fixes a meltdown vulnerability in windows 7

The Meltdown and Specter vulnerabilities have caused headaches for device and software manufacturers. An example of this is the Microsoft patch for Windows 7 and Windows Server 2008 R2, which inadvertently paved the way for new exploits.

Microsoft fixes a major security hole in Windows 7

Security researcher Ulf Frisk discovered that Microsoft's January patches for Meltdown allowed infected processes to read and write to physical memory, which could also lead to elevation of privilege. Microsoft fixed this issue in the March patch, but systems running January and February patches have been vulnerable thus far.

We recommend reading our post on BranchScope is a new vulnerability of Intel processors

Now the company has released update KB4100480 for Windows 7 x64 Service Pack 1, Windows Server 2008 R2 x64 Service Pack 1, and Windows Server 2008 R2 x64 Service Pack 1. This new update addresses an elevation of privilege vulnerability when the Windows kernel does not properly handle objects in memory. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.

Microsoft has advised affected users to install the update immediately, and has classified the severity of the problem as significant. Operating systems other than those mentioned above are safe from this exploit, and only Windows 7 and Windows Server 2008 R2 computers, which have patches from January or February are affected.

The new patch ships via Windows Update on specific Windows 7 systems, but can also be downloaded manually from Microsoft's update catalog here.

Softpedia font