The Threat
The vulnerability was introduced in Microsoft’s January patch as part of their efforts to fix the “Meltdown” security flaw. The impact of this new vulnerability is more severe than the original. If a system is successfully exploited, malicious software can be allowed to read system memory at speeds of gigabytes per second. The malware can also gain write access to anywhere in the system, including protected kernel memory.
In essence, this can allow an attacker to gain system-level privileges on the affected host, in addition to allowing the attacker access to sensitive information in system memory. As with the original ‘Meltdown’ vulnerability, this is not remotely exploitable. The malicious code must be run locally on the system for the vulnerability to be exploited.
Recommendations
Align is not aware of any official response from Microsoft at this time. However, mitigation of this new vulnerability requires that the latest Microsoft security updates be applied to affected systems, as per their March 13th release. Affected systems include: