Meltdown / Spectre quick check and update status

A quick way to see if you are at risk for CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre)

PS > Install-Module SpeculationControl

PS > Get-SpeculationControlSettings

If you see those red line you are at risk;

Hardware support for branch target injection mitigation is present: False

Windows OS support for branch target injection mitigation is present: False

Windows OS support for branch target injection mitigation is enabled: False

Windows OS support for kernel VA shadow is present: False

Windows OS support for kernel VA shadow is enabled: False

 

Now on another note, the patch KB4056892 (OS Build 16299.192) break a lot of Antivirus.

If automatic updates are enabled, the January 2018 Windows security update will be offered to the devices running supported anti-virus (AV) applications. Updates can be installed in any order.

A quick and dirty tip, if the install is installed is to add that registry key for disabling the fix for the time your Antivirus get updated;

Contact your Anti-Virus AV to confirm that their software is compatible and have set the following  REGKEY on the machine

Key=”HKEY_LOCAL_MACHINE”Subkey=”SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat”
Value Name=”cadca5fe-87d3-4b96-b7fb-a231484277cc”
Type=”REG_DWORD”
Data=”0x00000000”

Reference:

ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities

January 3, 2018—KB4056892 (OS Build 16299.192)

 

 

Advertisements
This entry was posted in microsoft. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s