Windows Speculative Execution Configuration Check
This page addresses the configuration checks required to mitigate speculative execution vulnerabilities in Windows environments, specifically related to CVEs affecting both hardware and Windows operating systems. These vulnerabilities, including Spectre and Meltdown, can lead to significant information disclosure if not properly mitigated.
- Severity: High
Exploiting these vulnerabilities can allow an attacker to read sensitive information from the system memory that should have been inaccessible. This includes passwords, encryption keys, and other sensitive data, potentially leading to a full system compromise.
The following CVEs are related to speculative execution vulnerabilities that require specific configurations to mitigate:
- CVE-2017-5715
- CVE-2017-5753
- CVE-2017-5754
- CVE-2018-3639
- CVE-2018-3620
N/A
To ensure that all virtual machines on a host can utilize firmware capabilities to mitigate these vulnerabilities, set the registry value as follows:
Registry configuration command:
reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization" /v MinVmVersionForCpuBasedMitigations /t REG_SZ /d "1.0" /f
- SQL Server (CVE-2017-5753): Apply the SQL Server patch available through Windows Server Update Services (WSUS) or the Microsoft Update Catalog. Note that this update is not downloaded and installed automatically.
- General Windows Mitigation (CVE-2017-5754): For Windows Server 2019 and client operating systems, mitigations are enabled by default.
- Security Updates for Windows 8.1 and Windows Server 2012 R2 (CVE-2018-3639): Includes quality improvements; no new features introduced.
- L1 Terminal Fault (L1TF) - CVE-2018-3620: Apply patches to protect against L1TF vulnerabilities affecting Intel® processors, detailed in Microsoft's guidance.
systeminfo | findstr /C:"KB"
reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization" /v MinVmVersionForCpuBasedMitigations
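The two checks above can also be run as one PowerShell audit that distinguishes a missing key, a missing value, a wrong registry type and a wrong value. This is an added example, not part of the original page; the function name `Test-SpecExecVmMitigation` and its output property names are hypothetical, and it assumes it is run locally on the virtualization host.

```powershell
# Added example: audit the registry setting and hotfix list described on this page.
# Function and property names are hypothetical; path, value name and data come from the page.
function Test-SpecExecVmMitigation {
    [CmdletBinding()]
    param(
        [string]$Path = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization',
        [string]$Name = 'MinVmVersionForCpuBasedMitigations',
        [string]$Expected = '1.0'
    )

    $result = [ordered]@{
        ComputerName = $env:COMPUTERNAME
        KeyPresent   = Test-Path -LiteralPath $Path
        ValueKind    = $null
        Value        = $null
        Compliant    = $false
        Finding      = ''
    }

    if (-not $result.KeyPresent) {
        $result.Finding = 'Virtualization key is missing'
        return [pscustomobject]$result
    }

    $key = Get-Item -LiteralPath $Path
    if ($key.GetValueNames() -notcontains $Name) {
        $result.Finding = "$Name is not set"
        return [pscustomobject]$result
    }

    # The page's reg add command writes REG_SZ, which .NET reports as 'String'.
    $result.ValueKind = $key.GetValueKind($Name).ToString()
    $result.Value     = [string]$key.GetValue($Name)

    if ($result.ValueKind -ne 'String') {
        $result.Finding = "type is $($result.ValueKind), expected REG_SZ"
    } elseif ($result.Value -ne $Expected) {
        $result.Finding = "value is '$($result.Value)', expected '$Expected'"
    } else {
        $result.Compliant = $true
        $result.Finding   = 'matches the documented setting'
    }
    [pscustomobject]$result
}

Test-SpecExecVmMitigation | Format-List
# Installed updates as objects, the structured equivalent of the systeminfo filter.
Get-HotFix | Sort-Object HotFixID | Select-Object HotFixID, Description, InstalledOn
```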
- Microsoft Guidance for Spectre and Meltdown
- Details on Speculative Execution Side-channel Vulnerabilities
N/A