Skip to main content

CPU bug patch saga: Antivirus tools caught with their hands in the Windows cookie jar

posted onJanuary 10, 2018
by l33tdawg

Microsoft's workaround to protect Windows computers from the Intel processor security flaw dubbed Meltdown has revealed the rootkit-like nature of modern security tools.

Some anti-malware packages are incompatible with Redmond's Meltdown patch, released last week, because the tools make, according to Microsoft, “unsupported calls into Windows kernel memory,” crashing the system with a blue screen of death. In extreme cases, systems fail to boot up when antivirus packages clash with the patch.

The problem arises because the Meltdown patch involves moving the kernel into its own private virtual memory address space. Usually, operating systems such as Windows and Linux map the kernel into the top region of every user process's virtual memory space. The kernel is marked invisible to the running programs, although due to the Meltdown design oversight in Intel's modern chips, its memory can still be read by applications. This is bad because it means programs can siphon off passwords and other secrets held in protected kernel memory.

Source

Tags

Industry News

You May Also Like

Recent News

Wednesday, April 25th

Tuesday, April 24th

Monday, April 23rd

Sunday, April 22nd

Friday, April 20th

Wednesday, April 11th

Tuesday, April 10th

Monday, April 9th