Microsoft’s attempts to fix Meltdown flaw turned into Total Meltdown on Windows 7
It’s not a secret that Windows 7 is the main target of ransomware and malware. The unsupported operating system was the most affected OS by WannaCry ransomware last year. However, Microsoft provided patches and security feature due to the high usage of the OS.
Unfortunately, not all Microsoft’s attempts to do good for the customers end up as expected. Recently, the independent security researcher from Sweeden Ulf Frisk discovered that company’s attempt to fix Meltdown hardware vulnerability made the situation even worse.
Microsoft introduced Meltdown patch for Windows 7 in January which was supposed to fix the flaw that allowed attackers to read kernel memory. However, goodwill became a “Total Meltdown,” because the company left a mug that let malware not only reading, but overwriting memory too.
The “Total Meltdown” made machines with Windows 7 (x86-64 versions) and Server 2008 R2 (with the 2018-01 or 2018-02 patches) even less secure that they have been before. Meanwhile, Windows 8, 8.1 and 10 are not affected by this issue.
Total Meltdown opened new opportunities to the attackers
Originally, Meltdown vulnerability allowed attackers to read the kernel information due to issues with PML4 page table permissions. The total Meltdown flaw made the memory not only readable but writable as well. Hence, attackers can do anything if they manage to hack into a device.
This brand new Windows security hole allows malicious programs, or any user who has access to a vulnerable computer can get administrator privileges, manipulate memory map of the OS, access or overwrite information in RAM. It goes without saying that passwords and other personal information can be stolen easily as well.
Additionally, Meltdown vulnerability allowed reading memory at 120 KB/s speed. However, the Total Meltdown gave more speed. Now reading, stealing, and modifying kernel information is possible in GB/s speed.
Windows 7 users should patch OS immediately
As soon as the issue has been reported, Microsoft released emergency security updated to fix the Total Meltdown which was released with security updates in January and February. Users are urged to install CVE-2018-1038 vulnerability which fixed the security issue:
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
[Source: Microsoft Security TechCenter]
The patch is issued via Windows Update. However, if you have disabled automatic updates, you should download it from the Microsoft’s Update Catalog.
Prevent websites, ISP, and other parties from tracking you
Private Internet Access is a VPN that can prevent your Internet Service Provider, the government, and third-parties from tracking your online and allow you to stay completely anonymous. The software provides dedicated servers for torrenting and streaming, ensuring optimal performance and not slowing you down. You can also bypass geo-restrictions and view such services as Netflix, BBC, Disney+, and other popular streaming services without limitations, regardless of where you are.
A VPN is also crucial when it comes to user privacy. Online trackers such as cookies can not only be used by social media platforms and other websites but also your Internet Service Provider and the government. Even if you apply the most secure settings via your web browser, you can still be tracked via apps that you are connected to the internet. Besides, privacy-focused browsers like Tor is are not an optimal choice due to diminished connection speed.
Therefore, to stay completely anonymous and prevent the ISP and the government from spying on you, you should employ Private Internet Access VPN. It will allow you to connect to the internet while being completely anonymous, prevent trackers, ads, as well as malicious content. Most importantly, you will prevent the illegal surveillance activities that NSA and other governmental institutions are performing behind your back.
Recover your lost files quickly
Unforeseen circumstances can happen at any time while using the computer: it can turn off due to a power cut, a Blue Screen of Death (BSoD) can occur, or random Windows updates can decide to reboot the machine when you went away for a few minutes. As a result, your schoolwork, important documents, and other data might be lost.
Additionally, you might also be attacked by malware that can corrupt your Windows or encrypt files with a robust encryption algorithm, and ask for a ransom in Bitcoin for the decryption tool. Cybercriminals might not deliver what they promised, however, so it is better to attempt alternative file recovery methods that could help you to retrieve at least some portion of the lost data.
Data recovery software is one of the options that could help you recover your files. Once you delete a file, it does not vanish into thin air – it remains on your system as long as no new data is written on top of it. Data Recovery Pro is recovery software that searchers for working copies of deleted files within your hard drive. By using the tool, you can prevent loss of valuable documents, school work, personal pictures, and other crucial files.