Loading Posts...

How To Check Vulnerable Status For Windows Systems With Get-SpeculationControlSettings PowerShell Script

I hope you already heard the “ZombiLoad” or microarchitectural data sampling (MDS) vulnerability and this post is to Check Vulnerable Status For Windows Systems against the released security advisories with Get-SpeculationControlSettings PowerShell script. Actually, this was a part of the recommended actions in the Microsoft guidelines, many readers asked about this step and I thought to publish these simple steps for them to understand.

Latest operating systems can use the PowerShell Gallery to import and install the modules otherwise, for old operating systems script can be downloaded here.

Basically, nine Security vulnerabilities are covered in this script

  • CVE-2017-5715 (branch target injection)
  • CVE-2017-5753 (bounds check bypass)
  • CVE-2017-5754 (rogue data cache load)
  • CVE-2018-3639 (speculative store bypass)
  • CVE-2018-3620 (L1 terminal fault – OS)
  • CVE-2018-11091 (Microarchitectural Data Sampling Uncacheable Memory (MDSUM))
  • CVE-2018-12126 (Microarchitectural Store Buffer Data Sampling (MSBDS))
  • CVE-2018-12127 (Microarchitectural Load Port Data Sampling (MLPDS))
  • CVE-2018-12130 (Microarchitectural Fill Buffer Data Sampling (MFBDS))

Protection for CVE-2017-5753 (bounds check) does not require additional registry settings or firmware updates.

 

How To Work With The Script

To install the PowerShell module execute the below command

Make sure to set the Execution Policy to to “RemoteSigned”, if it set to a different policy prior to the script execution

Use below piece of command to save the current policy setting to a variable if you need reset after the Script execution

Set the execution policy to the current user with the below command

Below screen capture shows the complete steps up to this point

Check Vulnerable Status For Windows Systems : Install Modules

Import the module

Run the below command to check the setting status

Here is a sample output of one of the Windows system, which I executed earlier

Check Vulnerable Status For Windows Systems Get the Status

If you need to rest the execution policy back to the same setting execute the below command

Check Vulnerable Status For Windows Systems Reset execution policy

Now you can check the security status of the system

How To Check Vulnerable Status For Windows Systems With Get-SpeculationControlSettings PowerShell Script
5 (100%) 8 vote[s]

Aruna Lakmal

Associate Technical Lead at Pearson, Sri Lanka. Technology junky, enthusiast, a VMware vExpert and a blogger with more than 6 years of Experience in Information Technology more focusing on VMware Virtualization, Microsoft and Datacenter Technologies.

Get Updates Directly To Your Inbox!

   

Leave a Reply

Loading Posts...