Last month Microsoft issued PowerShell scripts for automating WinRE updates to address BitLocker bypass security vulnerability. Likewise, the company has released PowerShell script again, though this time, these are for multiple different speculative execution side-channel attack CPU vulnerabilities on Windows 11 and Windows 10. For example, one of these include the memory mapped IO (MMIO) flaw which received new updated patches recently on Windows 10 and Server. The scripts are meant to help verify the status of mitigations of these vulnerabilities.
The official Microsoft document explains:
To help you verify the status of speculative execution side-channel mitigations, we published a PowerShell script (SpeculationControl) that can run on your devices. This article explains how to run the SpeculationControl script and what the output means.
Security advisories ADV180002, ADV180012, ADV180018, and ADV190013 cover the following nine vulnerabilities:
CVE-2017-5715 (branch target injection)
CVE-2017-5753 (bounds check bypass)
Note Protection for CVE-2017-5753 (bounds check) does not require additional registry settings or firmware updates.CVE-2017-5754 (rogue data cache load)
CVE-2018-3639 (speculative store bypass)
CVE-2018-3620 (L1 terminal fault – OS)
CVE-2018-11091 (Microarchitectural Data Sampling Uncacheable Memory (MDSUM))
CVE-2018-12126 (Microarchitectural Store Buffer Data Sampling (MSBDS))
CVE-2018-12127 (Microarchitectural Load Port Data Sampling (MLPDS))
CVE-2018-12130 (Microarchitectural Fill Buffer Data Sampling (MFBDS))
Advisory ADV220002 covers additional Memory-Mapped I/O (MMIO) related vulnerabilities:
CVE-2022-21123 - Shared Buffer Data Read (SBDR)
CVE-2022-21125 - Shared Buffer Data Sampling (SBDS)
CVE-2022-21127 - Special Register Buffer Data Sampling Update (SRBDS Update)
CVE-2022-21166 - Device Register Partial Write (DRPW)
You can find the PowerShell scripts and more details on the official Microsoft support document here (KB4074629).
11 Comments - Add comment