Windows 10: Manage Speculative Execution Settings Script for Windows

GHacks · Aug 6, 2019

Manage Speculative Execution Settings Script is a batch file for Microsoft Windows devices to check and manage the Speculative Execution Protection status on the system.

Speculative Execution side-channel attacks are a new class of vulnerabilities that started to make waves in early 2018 when it was discovered that nearly any device was considered vulnerable.

Microsoft released a lot of patches to address certain variants, e.g. Spectre V4, or Spectre 1.1 and 1.2. Tools have been created to check a PC for patches and you may use Gibson's free InSpectre tool or scripts by Microsoft to find out if a PC is vulnerable.

Manage Speculative Execution Settings Script

You can download the latest version of the script from Majorgeeks; just extract it after the download to get started. You can open the batch file in a plain text editor to verify that it is safe. Note that you need to run the batch file with administrative privileges.

When you run it for the first time you need to allow it to download an additional control script from the Internet. The script is needed for functionality and you cannot do anything if you don't allow it.

A list of options is displayed after the download. The following options are provided:

Check Speculative Execution Protection Status

Enable Mitigations for Spectre Variant 2 and Meltdown.

Disable Mitigations for Spectre Variant 2.

AMD and ARM only: Enable Full Mitigation for Spectre variant 2.

Enable Mitigations for Speculative Store Bypass, Spectre Variant 2 and Meltdown.

AMD Processors only: Enable Fill Mitigation for Spectre variant 2 and Speculative Store Bypass.

Enable Mitigations for Microarchitectural Data Sampling along with Spectre and Meltdown variants.

Same as 7 but with Hyper-Threading disabled.

Disable all Speculative Execution Protection Mitigations.

Speculative Control Module Installation Menu.

More Information and Reference.

A tap on 1 displays the current status of protections; it is a good idea to start here to find out which protections are already in place and which are not; this part seems to use Microsoft's script.

You may use the script to enable or disable certain protections. Note that you may need a certain Windows patch level to protect against certain attack variants.

One of the downsides of using the script is that it does not highlight if certain protections are enabled or disabled in the main menu. You need to verify the status first before you make a decision.

Closing Words

The script is certainly an advanced tool that system administrators and tech savvy users may find useful in certain situations.

Now you: how do you handle protections and mitigations?

Ghacks needs you. You can find out how to support us here (https://www.ghacks.net/support/) or support the site directly by becoming a Patreon (https://www.patreon.com/ghacks)). Thank you for being a Ghacks reader. The post Manage Speculative Execution Settings Script for Windows appeared first on gHacks Technology News.

read more...

Kari · Aug 6, 2019

Windows Client Guidance against speculative execution vulnerabilities

But now you mention it, could the cause be, the script that runs the intro when I start it, where the time and days till my next birthday(a placeholder for important Microsoft event dates), that @ taught me.
Click to expand...

For some reason I only got your mention notification now. Old post but I want to reply.

No Cliff, you are not running it elevated. When run elevated, both PowerShell and PowerShell ISE show word Administrator in Titlebar:

You might want to edit your PS script. My PS and PS ISE nowadays run this script whenever launched:

Code:
Code:
If ([bool](([System.Security.Principal.WindowsIdentity]::GetCurrent()).groups -match "S-1-5-32-544"))      {      $Mode = "elevated."        }      else      {$Mode = "in normal user mode."}  Set-Location $env:USERPROFILE  $ScriptFolder = "OneDrive\PS-Scripts"  $Scripts = $env:USERPROFILE + '\' + $ScriptFolder  Write-Host  Write-Host ' PowerShell is running'$Mode  Write-Host  Write-Host ' Scripts folder ($Scripts):'  Write-Host ' ' -NoNewline  Write-Host $Scripts  Write-Host
The script checks if I have started an elevated or a normal user mode PS and tells it to me, just to be sure:

... or:

Yes, you are running it as Admin.
Click to expand...

No, see my reply to Cliff above.

Brink · Aug 6, 2019

Microsoft Announcing Speculative Execution Bounty Program Launch

Today, Microsoft is announcing the launch of a limited-time bounty program for speculative execution side channel vulnerabilities. This new class of vulnerabilities was disclosed in January 2018 and represented a major advancement in the research in this field. In recognition of that threat environment change, we are launching a bounty program to encourage research into the new class of vulnerability and the mitigations Microsoft has put in place to help mitigate this class of issues.

Quick Facts:

Bounty Duration: Open until December 31, 2018

Full Details: Speculative Execution Bounty Program

Bounty Terms: Standard terms and conditions apply

Bounty Tiers: (below)

[table][tr][td] Tier[/td] [td] Payout (USD)[/td] [/tr] [tr][td]Tier 1: New categories of speculative execution attacks[/td] [td] Up to $250,000[/td] [/tr] [tr][td]Tier 2: Azure speculative execution mitigation bypass[/td] [td] Up to $200,000[/td] [/tr] [tr][td]Tier 3: Windows speculative execution mitigation bypass[/td] [td] Up to $200,000[/td] [/tr] [tr][td]Tier 4: Instance of a known speculative execution vulnerability (such as CVE-2017-5753) in Windows 10 or Microsoft Edge. This vulnerability must enable the disclosure of sensitive information across a trust boundary[/td] [td] Up to $25,000[/td] [/tr] [/table]

Speculative execution is truly a new class of vulnerabilities, and we expect that research is already underway exploring new attack methods. This bounty program is intended as a way to foster that research and the coordinated disclosure of vulnerabilities related to these issues. Tier 1 focuses on new categories of attacks involving speculative execution side channels. To help the community better understand what is currently known amongst the industry, our Security Research & Defense team has published blog with additional information. Tiers 2 and 3 focus on identifying possible bypasses for mitigations that have been added to Windows and Azure to defend against the attacks that have been identified. Tier 4 covers exploitable instances of CVE-2017-5753 or CVE-2017-5715 that may exist.

Speculative execution side channel vulnerabilities require an industry response. To that end, Microsoft will share, under the principles of coordinated vulnerability disclosure, the research disclosed to us under this program so that affected parties can collaborate on solutions to these vulnerabilities. Together with security researchers, we can build a more secure environment for customers.

Phillip Misner
Principal Security Group Manager
Microsoft Security Response Center
Click to expand...

Source: Speculative Execution Bounty Launch MSRC

fdegrove · Aug 6, 2019

Windows Client Guidance against speculative execution vulnerabilities

Hi,
@Kari :

No, see my reply to Cliff above.
Click to expand...

It seems you've missed some of @Cliff S 's earlier postings and screenshots were he clearly shows how he started PS as Admin. The script brings the prompt to his user profile folder, hence the confusion.

See:

Windows Client Guidance against speculative execution vulnerabilities

Cheers, *Wink

Windows 10: Manage Speculative Execution Settings Script for Windows

Manage Speculative Execution Settings Script for Windows

Manage Speculative Execution Settings Script for Windows

Manage Speculative Execution Settings Script for Windows

Manage Speculative Execution Settings Script for Windows - Similar Threads - Manage Speculative Execution

Registry Entries Reverting - Windows Speculative Execution Configuration Check

Registry Entries Reverting - Windows Speculative Execution Configuration Check

failed to execute script

Surface Guidance for speculative execution side-channel vulnerability

Microsoft Announcing Speculative Execution Bounty Program Launch

SQL Server Guidance against speculative execution vulnerabilities

Mitigating speculative execution side channel hardware vulnerabilities

Windows Server Guidance against speculative execution vulnerabilities

Windows Client Guidance against speculative execution vulnerabilities