'Microsoft's January and February security fixes for Intel's Meltdown
processor vulnerability opened up an even worse security hole on
Windows 7 PCs and Server 2008 R2 boxes. From a report:
This is according to researcher Ulf Frisk, who previously found
glaring shortcomings in Apple's FileVault disk encryption system.
We're told Redmond's early Meltdown fixes for 64-bit Windows 7 and
Server 2008 R2 left a crucial kernel memory table readable and
writable for normal user processes. This, in turn, means any malware
on those vulnerable machines, or any logged-in user, can manipulate
the operating system's memory map, gain administrator-level
privileges, and extract and modify any information in RAM. The
Meltdown chip-level bug allows malicious software, or unscrupulous
logged-in users, on a modern Intel-powered machine to read passwords,
personal information, and other secrets from protected kernel memory.
But the security fixes from Microsoft for the bug, on Windows 7 and
Server 2008 R2, issued in January and February, ended up granting
normal programs read and write access to all of physical memory'
-- source: https://tech.slashdot.org/story/18/03/28/2010240
Time to move to another operating system...
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174