April 2018 Update believed to include patch

May 3, 2018 09:32 GMT
All versions of Windows 10, except for April 2018 Update, said to be affected

Microsoft’s Meltdown patch for Windows 10 might come with what security researcher Alex Ionescu describes as a “fatal flaw,” with the company quietly fixing it in the recently launched April 2018 Update.

The Meltdown vulnerability surfaced in early January and Microsoft was one of the first companies to issue a patch. Windows 10 has received multiple mitigations since then in order to keep users protected against both the Meltdown and Spectre flaws, but it looks like the patches aimed at Windows 10 come with a bug that could allow an attacker to bypass them.

“Welp, it turns out the #Meltdown patches for Windows 10 had a fatal flaw: calling NtCallEnclave returned back to user space with the full kernel page table directory, completely undermining the mitigation,” Ionescu said in a tweet on May 2.

April 2018 Update fully secure

Windows 10 April 2018 Update (version 1803) appears to be the only version of Windows 10 that includes a fix for this flaw, as Microsoft quietly addressed the bug before shipping it in late April. The public rollout of April 2018 Update started on April 30 as a manual download, and the automatic update is due to begin on May 8 for the first wave of compatible systems.

Microsoft is reportedly working on a fix for all the other Windows 10 versions, and although no ETA has been provided just yet, it’s expected to be published on May 8 as well, as part of the Patch Tuesday rollout.

Right now, details on how exactly the Meltdown patches can be bypassed are not available and it’s not known if any malicious actors tried to exploit the flaw, but since Microsoft isn’t exactly in a rush to develop a fix, there’s a good chance all customers are secure.

Microsoft could provide more details on its buggy Meltdown update next week on Patch Tuesday.