When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Microsoft issues PowerShell scripts for multiple Windows 11, Windows 10 security flaws

A Microsoft logo on a grey background with a padlock icon in a circle on the right

Last month Microsoft issued PowerShell scripts for automating WinRE updates to address BitLocker bypass security vulnerability. Likewise, the company has released PowerShell script again, though this time, these are for multiple different speculative execution side-channel attack CPU vulnerabilities on Windows 11 and Windows 10. For example, one of these include the memory mapped IO (MMIO) flaw which received new updated patches recently on Windows 10 and Server. The scripts are meant to help verify the status of mitigations of these vulnerabilities.

The official Microsoft document explains:

To help you verify the status of speculative execution side-channel mitigations, we published a PowerShell script (SpeculationControl) that can run on your devices. This article explains how to run the SpeculationControl script and what the output means.

Security advisories ADV180002, ADV180012, ADV180018, and ADV190013 cover the following nine vulnerabilities:

  • CVE-2017-5715 (branch target injection)

  • CVE-2017-5753 (bounds check bypass)
    Protection for CVE-2017-5753 (bounds check) does not require additional registry settings or firmware updates.

  • CVE-2017-5754 (rogue data cache load)

  • CVE-2018-3639 (speculative store bypass)

  • CVE-2018-3620 (L1 terminal fault – OS)

  • CVE-2018-11091 (Microarchitectural Data Sampling Uncacheable Memory (MDSUM))

  • CVE-2018-12126 (Microarchitectural Store Buffer Data Sampling (MSBDS))

  • CVE-2018-12127 (Microarchitectural Load Port Data Sampling (MLPDS))

  • CVE-2018-12130 (Microarchitectural Fill Buffer Data Sampling (MFBDS))

Advisory ADV220002 covers additional Memory-Mapped I/O (MMIO) related vulnerabilities:

  • CVE-2022-21123 - Shared Buffer Data Read (SBDR)

  • CVE-2022-21125 - Shared Buffer Data Sampling (SBDS)

  • CVE-2022-21127 - Special Register Buffer Data Sampling Update (SRBDS Update)

  • CVE-2022-21166 - Device Register Partial Write (DRPW)

You can find the PowerShell scripts and more details on the official Microsoft support document here (KB4074629).

Report a problem with article
Samsung 870 QVO SATA III SSD
Next Article

Amazon is offering 52% discount on the 2TB Samsung 870 QVO SATA III SSD today

TWIRL logo in front of Falcon Heavy boosters
Previous Article

TWIRL 111: SpaceX dominates the flight schedule with Falcon 9 and Falcon Heavy launches

Join the conversation!

Login or Sign Up to read and post a comment.

11 Comments - Add comment