Wasn't it hilarious when Microsoft released a patch for the Meltdown flaw that made things even worse by allowing write access to kernel memory as well as read access? Well, if you haven't the patch which fixes the patch in place you won't be laughing so hard today. The Register has seen proof of concept code which makes use of this flaw to elevate a DOS shell window to NT AUTHORITYSystem from a user without admin privileges. Get yourself patched up, especially that Server 2008 instance!
"If you're not up-to-date with your Intel CPU Meltdown patches for Windows 7 or Server 2008 R2, get busy with that, because exploit code for Microsoft's own-goal flaw is available."
Here is some more Tech News from around the web:
- E-waste warrior slapped with 15-month sentence for flogging Windows restore discs @ The Inquirer
- Windows 10 April 2018 Update is Coming On April 30 @ Slashdot
- Google Updates: Apps gone free, Chrome gone curvy, Play Music… gone? @ The Inquirer
- Apple debugs debugger, nukes pesky vulns in iOS, WebKit, macOS @ The Register
- Ubuntu 18.04 LTS arrives with Gnome desktop, Kuberflow and Nvidia GPU acceleration @ The Inquirer
- In a touching Monty Python tribute today, Microsoft's Office 365 makes everything spam @ The Register
- Intel delays 10nm chips yet again as firm suffers 'yield issues' @ The Inquirer
- Noise from blast of gas destroys Digiplex data depot disk drives @ The Register