The source code for Total Meltdown, a vulnerability created when Microsoft tried to patch the initial Meltdown flaw, is now available on GitHub.
A person known as XPN, whose blog lists them as a hacker and infosec researcher, posted details of a working exploit that takes advantage of Total Meltdown on Monday. In addition to that blog post, the source code for the exploit is now on GitHub, too.
In the blog post, XPN describes Total Meltdown as a “pretty awesome” vulnerability in that it allows “any process to access and modify page table entries.” XPN also noted that the goal was to create an exploit that could “elevate privileges during an assessment,” but it was only to help other people understand the exploitation technique, not to create a ready-to-use attack.
For those unfamiliar, Total Meltdown was created by a botched patch Microsoft issued for the original Meltdown flaw, of Spectre/Meltdown fame. Whereas the original Meltdown flaw was read-only, Total Meltdown also provides write access.
If you’re worried about XPN’s exploit, or any issues with Total Meltdown, note that it only affects 64-bit versions of Windows 7 and Server 2008 R2. As noted by the Woody on Windows column in Computerworld, the following patches introduced Total Meltdown:
- KB 4056894
- KB 4056897
- KB 4073578
- KB 4057400
- KB 4074598
- KB 4074587
- KB 4075211
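
To find hosts that match the scope described above, the following added example (not from the article or from XPN's code) checks one or more machines for a 64-bit Windows 7 / Server 2008 R2 install that has any of the listed patches. The function name `Test-TotalMeltdownPatch` and the output property names are hypothetical; the KB numbers are the ones listed in this article.

```powershell
# Added example. Uses Get-WmiObject so it runs on the Windows PowerShell 2.0
# that ships with Windows 7 / Server 2008 R2 (run it from Windows PowerShell).
function Test-TotalMeltdownPatch {
    [CmdletBinding()]
    param(
        [Parameter(ValueFromPipeline = $true)]
        [string[]]$ComputerName = $env:COMPUTERNAME
    )
    begin {
        # KBs this article lists as introducing Total Meltdown.
        # Win32_QuickFixEngineering reports them without a space: "KB4056894".
        $introducing = 'KB4056894','KB4056897','KB4073578','KB4057400',
                       'KB4074598','KB4074587','KB4075211'
    }
    process {
        foreach ($name in $ComputerName) {
            $result = @{ ComputerName = $name; OS = $null; InScope = $false
                         IntroducingKBs = ''; NeedsReview = $false; Error = $null }
            try {
                $os = Get-WmiObject -Class Win32_OperatingSystem `
                        -ComputerName $name -ErrorAction Stop
                $result.OS = $os.Caption
                # Windows 7 and Server 2008 R2 both report version 6.1.x.
                $result.InScope = ($os.Version -like '6.1.*') -and
                                  ($os.OSArchitecture -match '64')
                if ($result.InScope) {
                    $found = @(Get-WmiObject -Class Win32_QuickFixEngineering `
                                 -ComputerName $name -ErrorAction Stop |
                               Where-Object { $introducing -contains $_.HotFixID } |
                               ForEach-Object { $_.HotFixID })
                    $result.IntroducingKBs = $found -join ','
                    $result.NeedsReview = ($found.Count -gt 0)
                }
            } catch {
                # Unreachable host or WMI access denied: record it, keep going.
                $result.Error = $_.Exception.Message
            }
            New-Object PSObject -Property $result
        }
    }
}

# Local machine:      Test-TotalMeltdownPatch
# Several hosts:      'HOST-A','HOST-B' | Test-TotalMeltdownPatch   (constructed names)
```

A host with `NeedsReview` set to true has at least one of the listed patches installed and should be checked against Microsoft's current guidance; a host with `Error` populated was not assessed at all.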