Patch to the patch to the patch to the 7
March 30, 2018 5:12 AM   Subscribe

The Meltdown bug makes system RAM externally readable (previously). The first two patches for the Meltdown bug in Windows 7 made system RAM externally read-writable. So install the third Windows 7 / Win Server 2008 patch for the Meltdown bug ASAP.

Windows 8 and 10 are not affected. To the best we know. So far.
posted by ardgedee (23 comments total) 8 users marked this as a favorite
 
When I first read about the Meltdown bug I wondered why more people weren't screaming for the heads of Microsoft. It seems comparable to the VW diesel thing which people were all up in arms over.
posted by MadMadam at 5:28 AM on March 30, 2018 [2 favorites]


It’s Intel’s hardware vulnerability - Microsoft is just holding the bag.
posted by oceanjesse at 5:32 AM on March 30, 2018 [24 favorites]


> When I first read about the Meltdown bug I wondered why more people weren't screaming for the heads of Microsoft.

Meltdown is a hardware bug and operating systems have required patches to mitigate and work around it. Microsoft is on blast for patches that made the problem worse, but this whole time Microsoft has been responsibly trying to fix Intel's error.
posted by ardgedee at 5:39 AM on March 30, 2018 [14 favorites]


externally readable

Like, from across the room? Or three miles away? Should I adjust the mesh size on my Faraday cage?
posted by sfenders at 6:19 AM on March 30, 2018 [2 favorites]


For the reactions of those left holding the bag who are not bound by PR departments etc to hold their tongues, see also Linus' reaction. "So instead they try to push the garbage down to [OS engineers]" is among the nicer things he had to say.
posted by sldownard at 6:19 AM on March 30, 2018 [3 favorites]


Redmond's early Meltdown fixes [...] left a crucial kernel memory table readable and writable for normal user processes

Anyone know if this can be exploited from javascript? It seems unlikely, except that the original Meltdown could. I've just remembered that I recently clicked the checkbox on a web service to help pay for their server costs by letting them use a substantial amount of CPU time through my web browser.
posted by sfenders at 6:31 AM on March 30, 2018


Anyone know if this can be exploited from javascript?

To take advantage of this, the JavaScript would have to compromise the process sufficiently to be able to run native code that can access the OS page tables. I don't know at what rate exploits are found that allow this with $YOUR_BROWSER these days, but those kinds of exploits are typically fixed as soon as they are discovered.
posted by Slothrup at 6:44 AM on March 30, 2018


Sure, Lucy, sure you won’t pull away the ball this time.

These patches are giving a lot of heartache to Windows sysadmins because most of them can’t hand-craft exploits to verify the fix: but the Bad Guys do know how and waste no time in doing so.
posted by wenestvedt at 6:46 AM on March 30, 2018 [2 favorites]




On the Mac side of things, this really strikes me as something Apple should set-aside its “only two versions back” support doctrine and make patches available to as many Mac users as possible, even if they’re running an OS that is four or five versions old.

There are a not-insubstantial number of Mac users who, for various reasons, are not able to update their OS to the new shiny, even if their Macs are able to run it (usually various flavors of mission-critical software) Those folks are being left to twist in the wind on this.
posted by Thorzdad at 7:27 AM on March 30, 2018 [3 favorites]


Anyone know if this can be exploited from javascript?

I probably wouldn't go into the details even if I knew them, but I do know the JS-engine teams on all the major browsers have substantially revised their 2018 development roadmaps in light of this class of bugs. It turns out that protecting our users from malicious code on suddenly-untrustworthy hardware is a capital-H, capital-P Hard Problem.

Consider this a personal plea from me to you to update your web browsers and operating systems the same day they ask you to.
posted by mhoye at 7:34 AM on March 30, 2018 [6 favorites]


As predicted, more branch prediction processor attacks are discovered

What I'm taking from this is that any stateful optimization (caching, branch prediction...) that might run in more than one context (e.g. process) needs to only take into account state from that context. But keeping track of this information and using it appropriately would really increase the complexity of the hardware.
posted by a snickering nuthatch at 7:47 AM on March 30, 2018 [1 favorite]


But keeping track of this information and using it appropriately would really increase the complexity of the hardware.

That's not really a big problem. CPUs are actually tiny things. The actual execution units that do things are minuscule amounts of the silicon. The vast majority of your transistors on a modern CPU are dedicated to cache.
posted by Talez at 8:05 AM on March 30, 2018 [1 favorite]


Who runs mission-critical systems on a Mac?
posted by PhineasGage at 8:46 AM on March 30, 2018


Who runs mission-critical systems on a Mac?

Anyone who uses ssh or email on a Mac? (Seriously?)
posted by RobotVoodooPower at 8:49 AM on March 30, 2018 [10 favorites]


I support a very specialized and fairly complex suite of industry-specific software (whose uninterrupted functioning is critical to our customers' being able to do business). So far, every one of these patches have severely broken it, leaving us scrambling to figure out the fix while the phones are ringing off the hook with customers demanding that fix and yesterday.

I'm pissed at everyone right now. Sure, it's a hardware problem. Sure MS is doing its best. But why does "its best" involve breaking service registration for no goddamn reason? Why does "its best" involve running through the registry and changing every "D:\..." path to "C:\..."????

MS often seems to assume that every windows machine in the country is sitting on someone's kitchen table. The idea that these could be, like, I dunno, business machines whose configuration is, like, function-specific and can't just be arbitrarily scrambled is apparently news over there.

I could go for days on this.
posted by Krawczak at 8:51 AM on March 30, 2018 [13 favorites]


The real wonder of computer development over the last few decades is that they’ve been able to disclaim all consequential damages in their license agreements. Would that manufacturers of any other goods could (1) ship products that don’t work, and maybe fix them later, and (2) assume no responsibility whatsoever for the effects of their product failure. Firestone Tire could have gotten away with some free tire coupons.
posted by Huffy Puffy at 9:30 AM on March 30, 2018 [5 favorites]


I was dating a guy who worked in system security, specifically white hat penetration testing. I’ve walked away from what he’s shown me realizing that computers and especially networks are much more vulnerable than I could have imagined (and as someone that while might not be in that field, has worked in tech for a long ass time). I think I even know what exploit he used for this vulnerability (maybe, it’s not my area of expertise but it sounds like it) and I was shocked that it was possible. Shocked that a lot of the exploits he used were possible, really. I walked away from knowing him with the impression that the reason more businesses were not hacked was due strictly to not being targeted. If they were, not a lot would keep determined hackers out.
posted by [insert clever name here] at 11:31 AM on March 30, 2018 [1 favorite]


I walked away from knowing him with the impression that the reason more businesses were not hacked was due strictly to not being targeted

It's most about the proverbial running from the bear. You don't have to outrun the bear, you just have to outrun others. When you scan for attack surfaces you always go for the low hanging fruit before things where you actually have to try and compromise it.
posted by Talez at 12:28 PM on March 30, 2018 [4 favorites]


> Who runs mission-critical systems on a Mac?

People who build iOS banking and health data collection apps? Let us not forget the lesson of Trusting Trust.
posted by ASCII Costanza head at 12:29 PM on March 30, 2018 [1 favorite]


Mac users whose browser autoupdates (any of them) are not vulnerable to browser-based attacks by this vector, which rules out most of the Mac attack surface regardless of OS. Older browsers that do not autoupdate also lack the high-resolution timers necessary for this vector to work at all. Yes, downloading and running software increases the risk of being exploited, but that’s not the everyday use case for a lot of old Macs.
posted by crysflame at 4:43 PM on March 30, 2018


So unexpected ... after all they've done to improve Skype.


;->
posted by Twang at 5:23 PM on March 30, 2018 [1 favorite]


Who runs mission-critical systems on a Mac?

FWIW I once applied at a very large non-Apple tech company and when I came in for an interview I was shocked at the amount of iOS and Mac systems present, all employer-provided. For some reason this company, whose primary revenue stream involves highly personalized ad targeting, did not seem to trust Microsoft's ability to provide security or privacy.
posted by Mr.Encyclopedia at 7:45 PM on March 30, 2018 [3 favorites]


« Older "I think I'm just hitting my prime."   |   Fit to Be Thai’d: Why Are There So Many Thai... Newer »


This thread has been archived and is closed to new comments