2018 has begun with panic in media and security circles about serious microprocessor vulnerabilities exploited by Proof-of-Concept code nicknamed “Meltdown” and “Spectre”. These hardware vulnerabilities are present in the chips manufactured by Intel, AMD and ARM, thereby affecting the vast majority of Windows, Mac, Android and Linux devices. These vulnerabilities have three CVE numbers:
|CVE-2017-5715||Branch Target Injection; exploited by Spectre|
|CVE-2017-5753||Bounds Check Bypass’ exploited by Spectre|
|CVE-2017-5754||Rogue Data Cache Load, exploited by Meltdown|
These chip vulnerabilities are serious because they can be exploited by malicious programs to reveal users’ secret data, like passwords, from kernel memory to malicious programs which should not have access to this information, resulting in a kernel data leak. So, protecting against Meltdown and Spectre type attacks required a change in the way the operating system handles memory management via security patches. In the case of Microsoft Windows, such OS patches have led to OS crashes, i.e. BSoD, with certain Anti-Virus products by interrupting their existing memory-accessing techniques. Hence Microsoft is only releasing the patches to computers which have a compatible Anti-Virus installed to avoid critical instability issues.
The good news is that K7 security products were already compatible with the patches even before their public release, and customers who are using any K7 security product including K7 Total Security and K7 Enterprise Security on genuine Windows installations are not required to take any additional measures to ensure that the Microsoft patches for Meltdown/Spectre are successfully applied.
More info about this Windows updates is available here: Microsoft Support article.
Note, crafting such exploits is not easy at all, and there are no known malware exploiting these vulnerabilities at this point in time. However, there could be in the near future, so we recommend applying the patches as soon as possible.