Last month Microsoft released PowerShell scripts to automate WinRE updates to address the BitLocker bypass security vulnerability. Similarly, the company has re-released PowerShell scripts, though this time, for several different speculative side-channel attack CPU vulnerabilities on Windows 11 and Windows 10. For example, one of them includes the Memory Mapped IO (MMIO) flaw. Windows 10 and Server have recently received new updated patches. The scripts are intended to help verify the mitigation status of these vulnerabilities.
Microsoft’s official documentation explains:
To help you verify the mitigation status of the speculation execution side channel, we have published a PowerShell script (SpeculationControl) that can be run on your devices. This article explains how to run the SpeculationControl script and what the output means.
Security Advisory ADV180002, ADV180012, ADV180018And ADV190013 Cover the following nine weaknesses:
CVE-2017-5715 (branch target injection)
CVE-2017-5753 (bounds check bypass)
Note CVE-2017-5753 (bound check) protection does not require additional registry settings or firmware updates.CVE-2017-5754 (rogue data cache load)
CVE-2018-3639 (speculative store bypass)
CVE-2018-3620 (L1 Terminal Fault – OS)
CVE-2018-11091 (Microarchitectural Data Sampling in Cacheable Memory (MDSUM))
CVE-2018-12126 (Microarchitectural Store Buffer Data Sampling (MSBDS))
CVE-2018-12127 (Microarchitectural Load Port Data Sampling (MLPDS))
CVE-2018-12130 (Microarchitectural Full Buffer Data Sampling (MFBDS))
Advisory ADV220002 Additional Memory-Mapped I/O (MMIO)-related vulnerabilities cover:
CVE-2022-21123 – Shared Buffer Data Read (SBDR)
CVE-2022-21125 – Shared Buffer Data Sampling (SBDS)
CVE-2022-21127 – Special Register Buffer Data Sampling Update (SRBDS Update)
CVE-2022-21166 – Device Register Partial Write (DRPW)
You can find more details on PowerShell scripts and the official Microsoft support document here (KB4074629).
