Update Windows Client for Meltdown and Spectre

By | January 5, 2018

Microsoft is aware of a new publicly disclosed class of vulnerabilities that are referred to as “speculative execution side-channel attacks” that affect many modern processors and operating systems, including chipsets from Intel, AMD, and ARM.

There are few help pages by Microsoft  that can be used to update and protect this information.

How to Check and Update for Meltdown and Spectre

1. Open PowerShell in Admin Mode and type: Set-ExecutionPolicy Bypass
2. Install SpeculationControl mode with the following command: Install-Module SpeculationControl
3. Run Get-SpeculationControlSettings to check update and settings status

image

Apply Update and Values

1. Unblock the update with Anti-Virus with the following registry value
reg add “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat” /v cadca5fe-87d3-4b96-b7fb-a231484277cc /t REG_DWORD /d 0 /f

***this registry value depend on your Anti-Virus product based on the following url
https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle=true

2. Update Windows Client based on the specific update

KB4056892 for Windows 10 1709
KB4056891 for Windows 10 1703
KB4056890 for Windows 10 1607
KB4056888 for Windows 10 1511
KB4056893 for Windows 10 RTM
KB4056898 for Windows 8.1
KB4056897 for Windows 7

*** To get the standalone package for this update, go to the Microsoft Update Catalog website.

3. Update BIOS/firmware update provided by your device OEM

Once finish all updates and settings the Get-SpeculationControlSettings need to be green with True status

Complete Meltdown and Spectre patches

Notes

– At least for now the firmware update isn’t require for guest machines such, Azure VM, Hyper-V and VMware
– Currently, the update is causing server load issues so we recommend that you test before updates are made
– Review whether you need firmware patches as well by downloading
Intel testing tool

More Information

1. Guidance for Windows Client
2. Security advisory ADV180002
3. Update Compatibility warning
4. Microsoft Update Catalog

(Visited 271 times, 1 visits today)

Leave a Reply

Your email address will not be published. Required fields are marked *