Updated: Speculation Execution Side-Channel Vulnerabilities Configuration Baseline


We have updated the Speculation Execution Side-Channel Vulnerabilities Configuration Baseline.  The updated baseline now includes support for verifying the protections for CVE-2018-3639 (Speculative store bypass) in addition to the previously supported CVE-2017-5715 and CVE-2017-5754.

Download the updated baseline

This configuration baseline is used to confirm whether a system has enabled the protections needed for the speculative-execution side-channel vulnerabilities as described in Microsoft Security Advisory ADV180002 and Microsoft Security Advisory ADV 180012.  It is based on the functionality in the PowerShell module Get_SpeculationControlSettings.  It requires at least PowerShell 3.0.

Read more about mitigating speculative execution side-channel vulnerabilities for Configuration Manager environments

 


Comments (2)
  1. Eric Grove-Stephensen says:

    This is great. Are there plans to add L1TF/Foreshadow compliance in to this?

    1. We are working on it Eric.

      Regards
      Yvette

Comments are closed.

Skip to main content