Microsoft’s January and February patches for the Meltdown vulnerability introduced an even more dangerous flaw that left Windows 7 and Server 2008 R2 systems vulnerable to complete compromise.
The bug is somewhat ironic because it lets user-mode programs read and write the system's memory, including kernel memory that should be accessible only in supervisor mode. This means attackers or malware programs that already run with limited privileges on a computer can escalate to full control.
Meanwhile, the Meltdown attack that Microsoft’s patch was meant to mitigate in the first place provided user-mode programs with only read access to protected kernel memory, potentially leading to the leaking of sensitive secrets such as passwords and encryption keys.
The bug was discovered recently by security researcher Ulf Frisk, who found that Microsoft silently fixed it in the March security updates. Frisk confirmed the vulnerability on 64-bit versions of Windows 7 and Server 2008 R2 with the January and February patches installed, but 32-bit versions might also be affected.
Systems that haven't been updated since December are not exposed to this bug, but they remain exposed to Meltdown itself if they have Intel CPUs. Windows 8.1 and Windows 10 systems don't have the issue at all.
“In short – the User/Supervisor permission bit was set to User in the PML4 self-referencing entry,” Frisk said in a blog post. “This made the page tables available to user mode code in every process. The page tables should normally only be accessible by the kernel itself.”
The PML4 is the top level of the four-level page table hierarchy that the CPU's Memory Management Unit (MMU) uses to translate the virtual addresses used by processes into physical addresses in RAM. Windows keeps a self-referencing entry in the PML4, an entry that points back at the PML4 page itself, so that the page tables appear at a predictable virtual address. In Windows 7 that entry sits at a fixed index; in Windows 10 it is randomized.
Each page table entry carries a User/Supervisor bit, and a user-mode access succeeds only if that bit is set in every entry on the translation walk. The walk that reaches the PML4 page through the self-map passes through the self-referencing entry at every level, so that single entry's bit decides whether user mode can touch the top-level page table. The buggy patches set it to User, which made the page tables readable and writable from code running with limited privileges in every process; such code can then rewrite page table entries to map whatever physical memory it likes.
“No fancy exploits were needed,” Frisk said. “Windows 7 already did the hard work of mapping in the required memory into every running process. Exploitation was just a matter of read and write to already mapped in-process virtual memory. No fancy APIs or syscalls required – just standard read and write!”
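The self-map arithmetic behind that description, as an added example that is not code from the article or from Frisk's tools. It assumes the documented Windows 7 x64 self-reference index 0x1ED (so the PTE window starts at 0xFFFFF68000000000 and the PML4 page appears at 0xFFFFF6FB7DBED000); the sample page table entries and the physical address 0x187000 are constructed for illustration. It shows two things: every level of the walk that maps the PML4 page resolves to the same self-referencing entry, and flipping that entry's U/S bit is enough to open the page to user mode.

```c
/* Added example (not from the article or from Ulf Frisk): x86-64 self-map
 * address arithmetic and the User/Supervisor check behind Total Meltdown.
 * Assumptions: Windows 7 x64 self-reference index 0x1ED (documented, fixed);
 * the entries and physical address 0x187000 below are constructed.
 * Build: cc -std=c11 -Wall selfref.c -o selfref */
#include <stdint.h>
#include <stdio.h>

#define WIN7_SELF_REF_INDEX 0x1EDu

/* Flag bits shared by PML4E/PDPTE/PDE/PTE (Intel SDM vol. 3, chapter 4). */
#define PTE_PRESENT  (1ull << 0)
#define PTE_WRITE    (1ull << 1)
#define PTE_USER     (1ull << 2)   /* U/S: 1 = CPL 3 may access */
#define PTE_PFN_MASK 0x000FFFFFFFFFF000ull

/* Sign-extend a 48-bit linear address into canonical form. */
static uint64_t canonical(uint64_t va) {
    return (va & (1ull << 47)) ? (va | 0xFFFF000000000000ull)
                               : (va & 0x0000FFFFFFFFFFFFull);
}

/* Windows of the self-map: each extra pass through the self-reference entry
 * moves one level up the hierarchy (PTEs -> PDEs -> PDPTEs -> PML4 page). */
uint64_t pte_base(unsigned idx)   { return canonical((uint64_t)idx << 39); }
uint64_t pde_base(unsigned idx)   { return pte_base(idx)   | ((uint64_t)idx << 30); }
uint64_t pdpte_base(unsigned idx) { return pde_base(idx)   | ((uint64_t)idx << 21); }
uint64_t pml4_base(unsigned idx)  { return pdpte_base(idx) | ((uint64_t)idx << 12); }

/* Virtual address of the entry at each level that maps 'va': the VA's index
 * bits slide down into the entry offset (8 bytes per entry). */
uint64_t pte_va(unsigned idx, uint64_t va)   { return pte_base(idx)   | ((va >> 9)  & 0x7FFFFFFFF8ull); }
uint64_t pde_va(unsigned idx, uint64_t va)   { return pde_base(idx)   | ((va >> 18) & 0x3FFFFFF8ull); }
uint64_t pdpte_va(unsigned idx, uint64_t va) { return pdpte_base(idx) | ((va >> 27) & 0x1FFFF8ull); }
uint64_t pml4e_va(unsigned idx, uint64_t va) { return pml4_base(idx)  | ((va >> 36) & 0xFF8ull); }

/* A user-mode access succeeds only if every entry on the walk is present
 * and has U/S set; a supervisor-only entry at any level stops it. */
int walk_user_accessible(const uint64_t entries[4]) {
    for (int i = 0; i < 4; i++)
        if (!(entries[i] & PTE_PRESENT) || !(entries[i] & PTE_USER)) return 0;
    return 1;
}

/* For the PML4 page itself all four levels of the walk go through the same
 * self-reference entry, so that one entry's U/S bit decides user access. */
int pml4_page_user_accessible(uint64_t self_ref_entry) {
    uint64_t walk[4] = { self_ref_entry, self_ref_entry, self_ref_entry, self_ref_entry };
    return walk_user_accessible(walk);
}

/* Is 'e' a self-reference, i.e. does its PFN point at the PML4 page? */
int is_self_reference(uint64_t e, uint64_t pml4_phys) {
    return (e & PTE_PRESENT) && ((e & PTE_PFN_MASK) == (pml4_phys & PTE_PFN_MASK));
}

int main(void) {
    const unsigned idx = WIN7_SELF_REF_INDEX;
    const uint64_t pml4 = pml4_base(idx);
    printf("PTE window base   %016llx\n", (unsigned long long)pte_base(idx));
    printf("PML4 page         %016llx\n", (unsigned long long)pml4);
    /* PTE, PDE, PDPTE and PML4E of the PML4 page are all PML4[idx]. */
    printf("self-ref entry at %016llx = PML4[0x%X]\n",
           (unsigned long long)pte_va(idx, pml4), idx);

    /* Constructed entries with the same PFN; only the U/S bit differs. */
    const uint64_t pml4_phys = 0x187000ull;
    uint64_t supervisor_entry = pml4_phys | PTE_PRESENT | PTE_WRITE;
    uint64_t buggy_entry      = supervisor_entry | PTE_USER;
    printf("supervisor entry: user access %d\n", pml4_page_user_accessible(supervisor_entry));
    printf("user entry:       user access %d\n", pml4_page_user_accessible(buggy_entry));
    return 0;
}
```

The four `*_va` functions all return the same address for the PML4 page, which is the point: there is no deeper level whose supervisor-only entry could still block a user-mode access once the self-referencing entry is marked User. The same arithmetic works for any self-reference index, so it also describes Windows 10, where only the index is unknown to the attacker.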
The problem is that some companies might have delayed installing the March security updates for Windows 7 and Windows Server 2008 R2 because of reports that they cause networking issues on certain system configurations. Microsoft acknowledges problems with KB4088878 on systems with static IP address assignments and those that use virtualized network interfaces. The company plans to address these issues in an upcoming update.
Researchers Develop a New Speculative Execution Attack
The Spectre and Meltdown attacks announced earlier this year opened a new area of security research focused on the speculative execution mechanism present in modern processors.
Speculative execution boosts CPU performance: when a program reaches a conditional branch whose condition is not yet known, the processor guesses which way the branch will go and starts executing instructions down that path. If the guess was right, the results are already in hand when the condition resolves; if it was wrong, the architectural results are discarded and execution restarts down the correct path. The catch is that the discarded work still leaves traces in microarchitectural state such as the cache contents and the branch predictors themselves, and those traces are what these attacks measure.
The Spectre variant 2 attack (branch target injection) exploited one component of the branch prediction unit (BPU), the branch target buffer (BTB), to leak information by timing accesses to the processor's cache. A team of researchers from University of California Riverside, College of William and Mary, Carnegie Mellon University in Qatar and Binghamton University has now developed a different attack called BranchScope that exploits another BPU component, the directional branch predictor, which decides whether a conditional branch is taken or not.
“To the best of our knowledge, BranchScope is the first attack exploiting the directional predictor structure, showing that BPUs can be vulnerable even if the BTB is protected,” the researchers said in their paper. “BranchScope works by forcing collisions between the attacker and selected victim branches and exploiting these collisions to infer information about the victim branch.”
According to the researchers, BranchScope gives attackers an additional way to take advantage of speculative execution for more advanced and flexible attacks, and it is not stopped by defenses aimed at BTB-based attacks such as Spectre, because those protect a structure it does not use.
The researchers demonstrated their attack on Intel Sandy Bridge, Haswell and Skylake CPUs with an error rate of less than 1 percent and also showed it can be used against secure Intel Software Guard Extensions (SGX) enclaves with an even lower error rate. Their paper includes proposed hardware and software countermeasures for the new attack.