Windows 10: Get-SpeculationControlSettings not checking for CVE-2017-5753?

Discus and support Get-SpeculationControlSettings not checking for CVE-2017-5753? in AntiVirus, Firewalls and System Security to solve the problem; Hi all, Am I missing something here? Get-SpeculationControlSettings seems to check for 2017-5754 (Meltdown) and 2017-5715 (one part of Spectre) but... Discussion in 'AntiVirus, Firewalls and System Security' started by GreenSparrow, Jan 9, 2018.

  1. GREENSPARROW
    GreenSparrow Win User

    Get-SpeculationControlSettings not checking for CVE-2017-5753?


    Hi all,

    Am I missing something here? Get-SpeculationControlSettings seems to check for 2017-5754 (Meltdown) and 2017-5715 (one part of Spectre) but not CVE-2017-5753 (the other part of spectre).

    I've gotta be misunderstanding something here, right?

    Thanks in advance!

    :)
     
    GreenSparrow, Jan 9, 2018
    #1
  2. RICHARD BRUINS
    Richard Bruins Win User

    ETA of patch for "KRACK". Was this patched previously or should we expect a patch soon?

    We are looking for information that suggest when "Key Reinstallation Attack" will be patched for Windows 10 Professional. Has it been patched in an earlier update? This vulnerability has also been dubbed as "KRACK". This vulnerability is being tracked
    as CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088.
     
    Richard Bruins, Jan 9, 2018
    #2
  3. OLA_ERIK
    ola_erik Win User
    WPA2 Wifi KRACK & Windows update

    I'd like an update on this. This is what I've found so far:

    Type of attack

    CVE IDs

    Devices impacted

    IOS

    MacOS

    tvOS

    watchOS

    Windows

    4-way handshake

    CVE-2017-13077

    WiFi clients

    11.1

    10.13

    11.1

    4.1

    ------

    Group-key handshake

    CVE-2017-13078

    CVE-2017-13079

    CVE-2017-13080

    CVE-2017-13081

    CVE-2017-13087

    CVE-2017-13088

    WiFi clients

    11.1

    -----

    11.1

    -----

    -----

    -----

    10.13

    ------

    10.13

    ------

    ------

    ------

    11.1

    -----

    11.1

    -----

    -----

    -----

    4.1

    ------

    4.1

    ------

    ------

    ------

    ------

    ------

    Oct16

    ------

    ------

    ------

    802.11r Fast-BSS Transition (FT)

    CVE-2017-13082

    Access points

    Peer-key handshake

    CVE-2017-13084

    CVE-2017-13086

    WiFi clients

    -----

    -----

    ------

    ------

    -----

    -----

    ------

    ------

    ------

    ------

    Kudos to Zyxel for clear and exemplary info:Zyxel security advisory for the key management vulnerabilities of WPA2 protocol | Zyxel
     
    ola_erik, Jan 9, 2018
    #3
  4. EDTITTEL
    EdTittel Win User

    Get-SpeculationControlSettings not checking for CVE-2017-5753?

    AFAIK the two CVEs that Get-SpeculationControls checks for are the ones you mentioned. To the best of my knowledge that tool does not check for 5753 at all. Never seen any mention of that in discussions of the tool or the remediation of those vulnerabilities.
    HTH,
    --Ed--
     
    EdTittel, Jan 15, 2018
    #4
  5. GREENSPARROW
    GreenSparrow Win User
    I think I have an answer, if it's helpful. It came from another forum, but I wanted to share it in case it's useful:

    "
    The main goal of this PowerShell script, is not to test if your CPU is vulnerable or to test if the patches have been installed. The main goal is to check if the mitigations are active.

    The mitigations for CVE-2017-5754 and CVE-2017-5715 are configurable (can be enabled or disabled via registry: https://support.microsoft.com/en-za/...tive-execution), and mitigating CVE-2017-5715 requires a microcode update.

    The mitigation for CVE-2017-5753 is not configurable, and does not require a microcode update.

    If the Windows patch for Meltdown/Spectre has been installed on your machine, then mitigation for CVE-2017-5753 is active.

    https://support.microsoft.com/en-za/help/4074629/understanding-the-output-of-get-speculationcontrolsettings-powershell"
     
    GreenSparrow, Jan 15, 2018
    #5
  6. EDTITTEL
    EdTittel Win User
    Very helpful, and a great explanation to share. I learned something both useful and valuable. Thanks!
    --Ed--
     
    EdTittel, Apr 5, 2018
    #6
Thema:

Get-SpeculationControlSettings not checking for CVE-2017-5753?

Loading...

  1. Get-SpeculationControlSettings not checking for CVE-2017-5753? - Similar Threads - SpeculationControlSettings checking CVE

  2. Microsoft CVE-2017-5715: Guidance to mitigate speculative execution side-channel...

    in AntiVirus, Firewalls and System Security
    Microsoft CVE-2017-5715: Guidance to mitigate speculative execution side-channel...: Microsoft CVE-2017-5715: Guidance to mitigate speculative execution side-channel vulnerabilitiesMicrosoft CVE-2017-5753: Guidance to mitigate speculative execution side-channel vulnerabilitiesMicrosoft CVE-2017-5754: Guidance to mitigate speculative execution side-channel...

  3. Severe threat called exploit:o97m/cve-2017-0199.pk!mtb.Am I in danger?

    in Windows 10 Gaming
    Severe threat called exploit:o97m/cve-2017-0199.pk!mtb.Am I in danger?: Hi,When i turned on my pc i found in my antivirus history a severe threat called exploit:o97m/cve-2017-0199.pk!mtb.I have made a quick scan and a complete one and nothing showed up .It says that the fix was uncompleted .I have not installed anything and i use this pc mostly...

  4. Severe threat called exploit:o97m/cve-2017-0199.pk!mtb.Am I in danger?

    in Windows 10 Software and Apps
    Severe threat called exploit:o97m/cve-2017-0199.pk!mtb.Am I in danger?: Hi,When i turned on my pc i found in my antivirus history a severe threat called exploit:o97m/cve-2017-0199.pk!mtb.I have made a quick scan and a complete one and nothing showed up .It says that the fix was uncompleted .I have not installed anything and i use this pc mostly...

  5. Severe threat called exploit:o97m/cve-2017-0199.pk!mtb.Am I in danger?

    in AntiVirus, Firewalls and System Security
    Severe threat called exploit:o97m/cve-2017-0199.pk!mtb.Am I in danger?: Hi,When i turned on my pc i found in my antivirus history a severe threat called exploit:o97m/cve-2017-0199.pk!mtb.I have made a quick scan and a complete one and nothing showed up .It says that the fix was uncompleted .I have not installed anything and i use this pc mostly...

  6. Microsoft Defender detected threat called - Exploit:O97M/CVE-2017-0199.AR!MSR

    in AntiVirus, Firewalls and System Security
    Microsoft Defender detected threat called - Exploit:O97M/CVE-2017-0199.AR!MSR: Hello,Last week, Microsoft defender antivirus detected a new threat on my laptop Lenovo IdeaPadn 5 14IIL05. The threat detected was titled: Exploit:O97M/CVE-2017-0199.AR!MSR The message in my settings for Protection History also included the following infoDetails: This...

  7. Exploit : O97M/CVE-2017-11882.BY!MTB

    in AntiVirus, Firewalls and System Security
    Exploit : O97M/CVE-2017-11882.BY!MTB: i have this threat on windows defender, when i select remove and start action it removes it but then after i start quick scanning again the threat pops up again and i have done this a few times and its still there, i already delete the folder which the threat says but its...

  8. Enable Retpoline to mitigate Spectre variant 2 (CVE-2017-5715)

    in AntiVirus, Firewalls and System Security
    Enable Retpoline to mitigate Spectre variant 2 (CVE-2017-5715): Following the release of Cumulative Update KB4482887 Windows 10 v1809 Build 17763.348 there is a lot of discussion regarding the new Retpoline mitigation. This feature has been included in the KB4482887, but is disabled by default. In future updates, or the next Feature...

  9. Exploit for CVE-2017-8759 detected and neutralized

    in Windows 10 News
    Exploit for CVE-2017-8759 detected and neutralized: The September 12, 2017 security updates from Microsoft include the patch for a previously unknown vulnerability exploited through Microsoft Word as an entry vector. Customers using Microsoft advanced threat solutions were already protected against this threat. The...

  10. CVE-2017-5703 - Unsafe Opcodes exposed in Intel SPI based products

    in Windows 10 News
    CVE-2017-5703 - Unsafe Opcodes exposed in Intel SPI based products: Unsafe Opcodes exposed in Intel SPI based products Intel ID: INTEL-SA-00087 Product family: Multiple Generations Impact of vulnerability: Denial of Service Severity rating: Important Original release: Apr 03, 2018 Last revised: Apr 03, 2018 Summary:...