Change date       Description of change
July 17, 2023     Added MMIO and specific descriptions of output values in the "Output that has all mitigations enabled" section

Summary

To help you verify the status of speculative execution side-channel mitigations, we published a PowerShell script (SpeculationControl) that can run on your devices. This article explains how to run the SpeculationControl script and what the output means.

Security advisories ADV180002, ADV180012, ADV180018, and ADV190013 cover the following nine vulnerabilities:

  • CVE-2017-5715 (branch target injection)

  • CVE-2017-5753 (bounds check bypass)

    Note Protection for CVE-2017-5753 (bounds check) does not require additional registry settings or firmware updates.  

  • CVE-2017-5754 (rogue data cache load)

  • CVE-2018-3639 (speculative store bypass)

  • CVE-2018-3620 (L1 terminal fault – OS)

  • CVE-2018-11091 (Microarchitectural Data Sampling Uncacheable Memory (MDSUM))

  • CVE-2018-12126 (Microarchitectural Store Buffer Data Sampling (MSBDS))

  • CVE-2018-12127 (Microarchitectural Load Port Data Sampling (MLPDS))

  • CVE-2018-12130 (Microarchitectural Fill Buffer Data Sampling (MFBDS))

Advisory ADV220002 covers additional Memory-Mapped I/O (MMIO) related vulnerabilities:

  • CVE-2022-21123 | Shared Buffer Data Read (SBDR)

  • CVE-2022-21125 | Shared Buffer Data Sampling (SBDS)

  • CVE-2022-21127 | Special Register Buffer Data Sampling Update (SRBDS Update)

  • CVE-2022-21166 | Device Register Partial Write (DRPW)

This article provides details about the SpeculationControl PowerShell script that helps determine the state of the mitigations for the listed CVEs that require additional registry settings and, in some cases, firmware updates.

More information

SpeculationControl PowerShell script

Install and run the SpeculationControl script by using one of the following methods.

Method 1: PowerShell verification by using the PowerShell Gallery (Windows Server 2016 or WMF 5.0/5.1)

Install the PowerShell module

PS> Install-Module SpeculationControl

Run the SpeculationControl PowerShell module to verify that protections are enabled

PS> # Save the current execution policy so it can be reset

PS> $SaveExecutionPolicy = Get-ExecutionPolicy

PS> Set-ExecutionPolicy RemoteSigned -Scope Currentuser

PS> Import-Module SpeculationControl

PS> Get-SpeculationControlSettings

PS> # Reset the execution policy to the original state

PS> Set-ExecutionPolicy $SaveExecutionPolicy -Scope Currentuser

Method 2: PowerShell verification by using a download from TechNet (earlier OS versions/earlier WMF versions)

Install the PowerShell module from TechNet ScriptCenter

  1. Go to https://aka.ms/SpeculationControlPS.

  2. Download SpeculationControl.zip to a local folder.

  3. Extract the contents to a local folder, for example C:\ADV180002.

Run the PowerShell module to verify that protections are enabled

Start PowerShell, and then (using the example above) copy and run the following commands:

PS> # Save the current execution policy so it can be reset

PS> $SaveExecutionPolicy = Get-ExecutionPolicy

PS> Set-ExecutionPolicy RemoteSigned -Scope Currentuser

PS> CD C:\ADV180002\SpeculationControl

PS> Import-Module .\SpeculationControl.psd1

PS> Get-SpeculationControlSettings

PS> # Reset the execution policy to the original state

PS> Set-ExecutionPolicy $SaveExecutionPolicy -Scope Currentuser

PowerShell script output

The output of the SpeculationControl PowerShell script will resemble the following output. Enabled protections appear in the output as “True.”

PS C:\> Get-SpeculationControlSettings

Speculation control settings for CVE-2017-5715 [branch target injection]

Hardware support for branch target injection mitigation is present: False
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: False
Windows OS support for branch target injection mitigation is disabled by system policy: True
Windows OS support for branch target injection mitigation is disabled by absence of hardware support: True

Speculation control settings for CVE-2017-5754 [rogue data cache load]

Hardware is vulnerable to rogue data cache load: True
Windows OS support for rogue data cache load mitigation is present: True
Windows OS support for rogue data cache load mitigation is enabled: True
Hardware requires kernel VA shadowing: True
Windows OS support for kernel VA shadow is present: False
Windows OS support for kernel VA shadow is enabled: False
Windows OS support for PCID optimization is enabled: False

Speculation control settings for CVE-2018-3639 [speculative store bypass]

Hardware is vulnerable to speculative store bypass: True
Hardware support for speculative store bypass mitigation is present: False
Windows OS support for speculative store bypass mitigation is present: True
Windows OS support for speculative store bypass mitigation is enabled system-wide: False

Speculation control settings for CVE-2018-3620 [L1 terminal fault]

Hardware is vulnerable to L1 terminal fault: True
Windows OS support for L1 terminal fault mitigation is present: True
Windows OS support for L1 terminal fault mitigation is enabled: True

Speculation control settings for MDS [microarchitectural data sampling]

Windows OS support for MDS mitigation is present: True
Hardware is vulnerable to MDS: True
Windows OS support for MDS mitigation is enabled: True

Speculation control settings for SBDR [shared buffers data read]

Windows OS support for SBDR mitigation is present: True
Hardware is vulnerable to SBDR: True
Windows OS support for SBDR mitigation is enabled: True

Speculation control settings for FBSDP [fill buffer stale data propagator]

Windows OS support for FBSDP mitigation is present: True
Hardware is vulnerable to FBSDP: True
Windows OS support for FBSDP mitigation is enabled: True

Speculation control settings for PSDP [primary stale data propagator]

Windows OS support for PSDP mitigation is present: True
Hardware is vulnerable to PSDP: True
Windows OS support for PSDP mitigation is enabled: True

BTIHardwarePresent: True
BTIWindowsSupportPresent: True
BTIWindowsSupportEnabled: True
BTIDisabledBySystemPolicy: False
BTIDisabledByNoHardwareSupport: False
BTIKernelRetpolineEnabled: True
BTIKernelImportOptimizationEnabled: True
RdclHardwareProtectedReported: True
RdclHardwareProtected: False
KVAShadowRequired: True
KVAShadowWindowsSupportPresent: True
KVAShadowWindowsSupportEnabled: True
KVAShadowPcidEnabled: True
SSBDWindowsSupportPresent: True
SSBDHardwareVulnerable: True
SSBDHardwarePresent: False
SSBDWindowsSupportEnabledSystemWide: False
L1TFHardwareVulnerable: True
L1TFWindowsSupportPresent: True
L1TFWindowsSupportEnabled: True
L1TFInvalidPteBit: 45
L1DFlushSupported: False
HvL1tfStatusAvailable: True
HvL1tfProcessorNotAffected: True
MDSWindowsSupportPresent: True
MDSHardwareVulnerable: True
MDSWindowsSupportEnabled: True
FBClearWindowsSupportPresent: True
SBDRSSDPHardwareVulnerable: True
FBSDPHardwareVulnerable: True
PSDPHardwareVulnerable: True

Explanation of the SpeculationControl PowerShell script output

The final output grid maps to the output of the preceding lines. This appears because PowerShell prints the object that is returned by a function. The following table explains each line in the PowerShell script output.

Output

Explanation

Speculation control settings for CVE-2017-5715 [branch target injection]

This section provides system status for variant 2, CVE-2017-5715, branch target injection.

Hardware support for branch target injection mitigation is present

Maps to BTIHardwarePresent. This line tells you whether hardware features are present to support the branch target injection mitigation. The device OEM is responsible for providing the updated BIOS/firmware that contains the microcode provided by CPU manufacturers. If this line is True, the required hardware features are present. If the line is False, the required hardware features are not present. Therefore, the branch target injection mitigation cannot be enabled.

Note BTIHardwarePresent will be True in guest VMs if the OEM update is applied to the host and guidance is followed.

Windows OS support for branch target injection mitigation is present

Maps to BTIWindowsSupportPresent. This line tells you whether Windows operating system support is present for the branch target injection mitigation. If it is True, the operating system supports enabling the branch target injection mitigation (and therefore has installed the January 2018 update). If it is False, the January 2018 update is not installed on the device, and the branch target injection mitigation cannot be enabled.

Note If a guest VM cannot detect the host hardware update, BTIWindowsSupportEnabled will always be False.

Windows OS support for branch target injection mitigation is enabled

Maps to BTIWindowsSupportEnabled. This line tells you whether Windows operating system support is enabled for the branch target injection mitigation. If it is True, hardware support and OS support for the branch target injection mitigation is enabled for the device, thus protecting against CVE-2017-5715. If it is False, one of the following conditions is true:

  • Hardware support is not present.

  • OS support is not present.

  • The mitigation is disabled by system policy.

Windows OS support for branch target injection mitigation is disabled by system policy

Maps to BTIDisabledBySystemPolicy. This line tells you if the branch target injection mitigation is disabled by system policy (such as an administrator-defined policy). System policy refers to the registry controls as documented in KB4072698. If it is True, the system policy is responsible for disabling the mitigation. If it is False, the mitigation is disabled by a different cause.

Windows OS support for branch target injection mitigation is disabled by absence of hardware support

Maps to BTIDisabledByNoHardwareSupport. This line tells you whether the branch target injection mitigation is disabled due to the absence of hardware support. If it is True, the absence of hardware support is responsible for disabling the mitigation. If it is False, the mitigation is disabled by a different cause.

Note If a guest VM cannot detect the host hardware update, BTIDisabledByNoHardwareSupport will always be True.

Speculation control settings for CVE-2017-5754 [rogue data cache load]

This section provides summary system status for variant 3, CVE-2017-5754, rogue data cache load. The mitigation for this is known as kernel Virtual Address (VA) shadow or the rogue data cache load mitigation.

Hardware is vulnerable to rogue data cache load

Maps to RdclHardwareProtected. This line tells you whether the hardware is vulnerable to CVE-2017-5754. If it is True, the hardware is believed to be vulnerable to CVE-2017-5754. If it is False, the hardware is known not to be vulnerable to CVE-2017-5754.

Windows OS support for rogue data cache load mitigation is present

Maps to KVAShadowWindowsSupportPresent. This line tells you whether Windows operating system support for the kernel VA shadow feature is present.

Windows OS support for rogue data cache load mitigation is enabled

Maps to KVAShadowWindowsSupportEnabled. This line tells you whether the kernel VA shadow feature is enabled. If it is True, the hardware is believed to be vulnerable to CVE-2017-5754, Windows operating system support is present, and the feature is enabled.

Hardware requires kernel VA shadowing

Maps to KVAShadowRequired. This line tells you whether your system requires kernel VA shadowing to mitigate a vulnerability.

Windows OS support for kernel VA shadow is present

Maps to KVAShadowWindowsSupportPresent. This line tells you whether Windows operating system support for the kernel VA shadow feature is present. If it is True, the January 2018 update is installed on the device, and kernel VA shadow is supported. If it is False, the January 2018 update is not installed, and kernel VA shadow support does not exist.

Windows OS support for kernel VA shadow is enabled

Maps to KVAShadowWindowsSupportEnabled. This line tells you whether the kernel VA shadow feature is enabled. If it is True, Windows operating system support is present, and the feature is enabled. The Kernel VA shadow feature is currently enabled by default on client versions of Windows and is disabled by default on versions of Windows Server. If it is False, either Windows operating system support is not present, or the feature is not enabled.

Windows OS support for PCID performance optimization is enabled

Note PCID is not required for security. It only indicates whether a performance improvement is enabled. PCID is not supported on Windows Server 2008 R2.

Maps to KVAShadowPcidEnabled. This line tells you whether an additional performance optimization is enabled for kernel VA shadow. If it is True, kernel VA shadow is enabled, hardware support for PCID is present, and PCID optimization for kernel VA shadow is enabled. If it is False, either the hardware or the OS may not support PCID. It is not a security weakness for the PCID optimization not to be enabled.

Windows OS support for Speculative Store Bypass Disable is present

Maps to SSBDWindowsSupportPresent. This line tells you whether Windows operating system support for Speculative Store Bypass Disable is present. If it is True, the Windows updates documented in ADV180012 are installed on the device, and Speculative Store Bypass Disable is supported. If it is False, those updates are not installed, and Speculative Store Bypass Disable support does not exist.

Hardware requires Speculative Store Bypass Disable

Maps to SSBDHardwareVulnerable. This line tells you whether the hardware is vulnerable to CVE-2018-3639. If it is True, the hardware is believed to be vulnerable to CVE-2018-3639. If it is False, the hardware is known not to be vulnerable to CVE-2018-3639.

Hardware support for Speculative Store Bypass Disable is present

Maps to SSBDHardwarePresent. This line tells you whether hardware features are present to support Speculative Store Bypass Disable. The device OEM is responsible for providing the updated BIOS/firmware that contains the microcode provided by Intel. If this line is True, the required hardware features are present. If the line is False, the required hardware features are not present. Therefore, Speculative Store Bypass Disable cannot be turned on.

Note SSBDHardwarePresent will be True in guest VMs if the OEM update is applied to the host.

Windows OS support for Speculative Store Bypass Disable is turned on

Maps to SSBDWindowsSupportEnabledSystemWide. This line tells you whether Speculative Store Bypass Disable is turned on in the Windows operating system. If it is True, hardware support and OS support for Speculative Store Bypass Disable is on for the device preventing a Speculative Store Bypass from occurring, thus eliminating the security risk completely. If it is False, one of the following conditions is true:

Speculation control settings for CVE-2018-3620 [L1 terminal fault]

This section provides summary system status for L1TF (operating system) referred to by CVE-2018-3620. This mitigation ensures that safe page frame bits are used for not present or invalid page table entries.

Note This section does not provide a summary of the mitigation status for L1TF (VMM) referred to by CVE-2018-3646.

Hardware is vulnerable to L1 terminal fault

Maps to L1TFHardwareVulnerable. This line tells you whether the hardware is vulnerable to L1 Terminal Fault (L1TF, CVE-2018-3620). If it is True, the hardware is believed to be vulnerable to CVE-2018-3620. If it is False, the hardware is known not to be vulnerable to CVE-2018-3620.

Windows OS support for L1 terminal fault mitigation is present

Maps to L1TFWindowsSupportPresent. This line tells you whether Windows operating system support for the L1 Terminal Fault (L1TF) operating system mitigation is present. If it is True, the August 2018 update is installed on the device, and the mitigation for CVE-2018-3620 is present. If it is False, the August 2018 update is not installed, and the mitigation for CVE-2018-3620 is not present.

Windows OS support for L1 terminal fault mitigation is enabled

Maps to L1TFWindowsSupportEnabled. This line tells you whether the Windows operating system mitigation for L1 Terminal Fault (L1TF, CVE-2018-3620) is enabled. If it is True, the hardware is believed to be vulnerable to CVE-2018-3620, Windows operating system support for the mitigation is present, and the mitigation is enabled. If it is False, either the hardware is not vulnerable, Windows operating system support is not present, or the mitigation is not enabled.

Speculation control settings for MDS [Microarchitectural Data Sampling]

This section provides system status for the MDS set of vulnerabilities, CVE-2018-11091, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and ADV220002.

Windows OS support for MDS mitigation is present

Maps to MDSWindowsSupportPresent. This line tells you whether the Windows operating system support for the Microarchitectural Data Sampling (MDS) operating system mitigation is present. If it is True, the May 2019 update is installed on the device, and the mitigation for MDS is present. If it is False, the May 2019 update is not installed, and the mitigation for MDS is not present.

Hardware is vulnerable to MDS

Maps to MDSHardwareVulnerable. This line tells you whether the hardware is vulnerable to the Microarchitectural Data Sampling (MDS) set of vulnerabilities (CVE-2018-11091, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130). If it is True, the hardware is believed to be affected by these vulnerabilities. If it is False, the hardware is known not to be vulnerable.

Windows OS support for MDS mitigation is enabled

Maps to MDSWindowsSupportEnabled. This line tells you whether the Windows operating system mitigation for Microarchitectural Data Sampling (MDS) is enabled. If it is True, the hardware is believed to be affected by the MDS vulnerabilities, the Windows operating system support for the mitigation is present, and the mitigation is enabled. If it is False, either the hardware is not vulnerable, Windows operating system support is not present, or the mitigation is not enabled.

Windows OS support for SBDR mitigation is present

Maps to FBClearWindowsSupportPresent. This line tells you whether the Windows operating system support for the SBDR operating system mitigation is present. If it is True, the June 2022 update is installed on the device, and the mitigation for SBDR is present. If it is False, the June 2022 update is not installed, and the mitigation for SBDR is not present.

Hardware is vulnerable to SBDR

Maps to SBDRSSDPHardwareVulnerable. This line tells you whether the hardware is vulnerable to SBDR [shared buffers data read] set of vulnerabilities (CVE-2022-21123). If it is True, the hardware is believed to be affected by these vulnerabilities. If it is False, the hardware is known not to be vulnerable.

Windows OS support for SBDR mitigation is enabled

Maps to FBClearWindowsSupportEnabled. This line tells you whether the Windows operating system mitigation for SBDR [shared buffers data read] is enabled. If it is True, the hardware is believed to be affected by the SBDR vulnerabilities, the Windows operating system support for the mitigation is present, and the mitigation is enabled. If it is False, either the hardware is not vulnerable, Windows operating system support is not present, or the mitigation is not enabled.

Windows OS support for FBSDP mitigation is present

Maps to FBClearWindowsSupportPresent. This line tells you whether the Windows operating system support for the FBSDP operating system mitigation is present. If it is True, the June 2022 update is installed on the device, and the mitigation for FBSDP is present. If it is False, the June 2022 update is not installed, and the mitigation for FBSDP is not present.

Hardware is vulnerable to FBSDP

Maps to FBSDPHardwareVulnerable. This line tells you whether the hardware is vulnerable to FBSDP [fill buffer stale data propagator] set of vulnerabilities (CVE-2022-21125, CVE-2022-21127, and CVE-2022-21166). If it is True, the hardware is believed to be affected by these vulnerabilities. If it is False, the hardware is known not to be vulnerable.

Windows OS support for FBSDP mitigation is enabled

Maps to FBClearWindowsSupportEnabled. This line tells you whether the Windows operating system mitigation for FBSDP [fill buffer stale data propagator] is enabled. If it is True, the hardware is believed to be affected by the FBSDP vulnerabilities, the Windows operating system support for the mitigation is present, and the mitigation is enabled. If it is False, either the hardware is not vulnerable, Windows operating system support is not present, or the mitigation is not enabled.

Windows OS support for PSDP mitigation is present

Maps to FBClearWindowsSupportPresent. This line tells you whether the Windows operating system support for the PSDP operating system mitigation is present. If it is True, the June 2022 update is installed on the device, and the mitigation for PSDP is present. If it is False, the June 2022 update is not installed, and the mitigation for PSDP is not present.

Hardware is vulnerable to PSDP

Maps to PSDPHardwareVulnerable. This line tells you whether the hardware is vulnerable to PSDP [primary stale data propagator] set of vulnerabilities. If it is True, the hardware is believed to be affected by these vulnerabilities. If it is False, the hardware is known not to be vulnerable.

Windows OS support for PSDP mitigation is enabled

Maps to FBClearWindowsSupportEnabled. This line tells you whether the Windows operating system mitigation for PSDP [primary stale data propagator] is enabled. If it is True, the hardware is believed to be affected by the PSDP vulnerabilities, the Windows operating system support for the mitigation is present, and the mitigation is enabled. If it is False, either the hardware is not vulnerable, Windows operating system support is not present, or the mitigation is not enabled.

Output that has all mitigations enabled

The following output is expected for a device that has all mitigations enabled, together with what is necessary to satisfy each condition.

BTIHardwarePresent: True -> OEM BIOS/firmware update applied
BTIWindowsSupportPresent: True -> January 2018 update installed
BTIWindowsSupportEnabled: True -> on client, no action required. On server, follow guidance.
BTIDisabledBySystemPolicy: False -> ensure not disabled by policy.
BTIDisabledByNoHardwareSupport: False -> ensure OEM BIOS/firmware update is applied.
BTIKernelRetpolineEnabled: False
BTIKernelImportOptimizationEnabled: True
KVAShadowRequired: True or False -> no action, this is a function of the CPU the computer uses

If KVAShadowRequired is True
KVAShadowWindowsSupportPresent: True -> install January 2018 update
KVAShadowWindowsSupportEnabled: True -> on client, no action required. On server, follow guidance.
KVAShadowPcidEnabled: True or False -> no action, this is a function of the CPU the computer uses

If SSBDHardwareVulnerable is True
SSBDWindowsSupportPresent: True -> install Windows updates as documented in ADV180012
SSBDHardwarePresent: True -> install BIOS/firmware update with support for SSBD from your device OEM
SSBDWindowsSupportEnabledSystemWide: True -> follow recommended actions to turn on SSBD

If L1TFHardwareVulnerable is True
L1TFWindowsSupportPresent: True -> install Windows updates as documented in ADV180018
L1TFWindowsSupportEnabled: True -> follow actions outlined in ADV180018 for Windows Server or Client as appropriate to enable the mitigation
L1TFInvalidPteBit: 0
L1DFlushSupported: True

MDSWindowsSupportPresent: True -> install June 2022 update
MDSHardwareVulnerable: False -> hardware is known not to be vulnerable
MDSWindowsSupportEnabled: True -> mitigation for Microarchitectural Data Sampling (MDS) is enabled
FBClearWindowsSupportPresent: True -> install June 2022 update
SBDRSSDPHardwareVulnerable: True -> hardware is believed to be affected by these vulnerabilities
FBSDPHardwareVulnerable: True -> hardware is believed to be affected by these vulnerabilities
PSDPHardwareVulnerable: True -> hardware is believed to be affected by these vulnerabilities
FBClearWindowsSupportEnabled: True -> represents mitigation enablement for SBDR/FBSDP/PSDP. Ensure OEM BIOS/firmware is updated, FBClearWindowsSupportPresent is True, mitigations are enabled as outlined in ADV220002, and KVAShadowWindowsSupportEnabled is True.
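The expected-value list above can be turned into an automated check. The following PowerShell function is an added example, not code from the article or from the SpeculationControl module: it takes the object that Get-SpeculationControlSettings returns, applies the "If <X> is True" gating rules from this section, and reports every property that differs from the fully mitigated baseline, together with the remediation the article gives for it. The function name, the rule table and the constructed sample object are this example's own assumptions; the sample deliberately leaves SSBD unmitigated and omits one MMIO property so that the comparison has something to report.

```powershell
# Added example (not part of the article or the SpeculationControl module).
# Compares a Get-SpeculationControlSettings result with the expected values from the
# "Output that has all mitigations enabled" section and lists every property that still needs action.
function Test-SpeculationControlBaseline {
    [CmdletBinding()]
    param(
        # The PSCustomObject returned by Get-SpeculationControlSettings (or an equivalent constructed object).
        [Parameter(Mandatory)] $Settings
    )

    # Name = property to check, Expected = value on a fully mitigated device,
    # When = gating properties (the rule applies only if at least one of them is True),
    # Action = remediation taken from the article's expected-output list.
    $rules = @(
        @{ Name = 'BTIHardwarePresent';                Expected = $true;  Action = 'Apply the OEM BIOS/firmware update.' }
        @{ Name = 'BTIWindowsSupportPresent';          Expected = $true;  Action = 'Install the January 2018 update.' }
        @{ Name = 'BTIWindowsSupportEnabled';          Expected = $true;  Action = 'Client: no action. Server: follow the KB4072698 guidance.' }
        @{ Name = 'BTIDisabledBySystemPolicy';         Expected = $false; Action = 'Ensure FeatureSettingsOverride bit 0 does not disable the mitigation.' }
        @{ Name = 'BTIDisabledByNoHardwareSupport';    Expected = $false; Action = 'Ensure the OEM BIOS/firmware update is applied.' }
        @{ Name = 'KVAShadowWindowsSupportPresent';    Expected = $true;  When = 'KVAShadowRequired';      Action = 'Install the January 2018 update.' }
        @{ Name = 'KVAShadowWindowsSupportEnabled';    Expected = $true;  When = 'KVAShadowRequired';      Action = 'Client: no action. Server: follow guidance (FeatureSettingsOverride bit 1).' }
        @{ Name = 'SSBDWindowsSupportPresent';         Expected = $true;  When = 'SSBDHardwareVulnerable'; Action = 'Install the Windows updates documented in ADV180012.' }
        @{ Name = 'SSBDHardwarePresent';               Expected = $true;  When = 'SSBDHardwareVulnerable'; Action = 'Install the OEM BIOS/firmware update with SSBD support.' }
        @{ Name = 'SSBDWindowsSupportEnabledSystemWide'; Expected = $true; When = 'SSBDHardwareVulnerable'; Action = 'Follow the ADV180012 actions to turn on SSBD.' }
        @{ Name = 'L1TFWindowsSupportPresent';         Expected = $true;  When = 'L1TFHardwareVulnerable'; Action = 'Install the Windows updates documented in ADV180018.' }
        @{ Name = 'L1TFWindowsSupportEnabled';         Expected = $true;  When = 'L1TFHardwareVulnerable'; Action = 'Follow the ADV180018 actions for Windows Server or Client.' }
        @{ Name = 'MDSWindowsSupportPresent';          Expected = $true;  When = 'MDSHardwareVulnerable';  Action = 'Install the May 2019 update.' }
        @{ Name = 'MDSWindowsSupportEnabled';          Expected = $true;  When = 'MDSHardwareVulnerable';  Action = 'Enable the MDS mitigation as outlined in ADV190013.' }
        @{ Name = 'FBClearWindowsSupportPresent';      Expected = $true;  When = 'SBDRSSDPHardwareVulnerable', 'FBSDPHardwareVulnerable', 'PSDPHardwareVulnerable'; Action = 'Install the June 2022 update.' }
        @{ Name = 'FBClearWindowsSupportEnabled';      Expected = $true;  When = 'SBDRSSDPHardwareVulnerable', 'FBSDPHardwareVulnerable', 'PSDPHardwareVulnerable'; Action = 'Update OEM BIOS/firmware and enable the MMIO mitigations as outlined in ADV220002.' }
    )

    $findings = foreach ($rule in $rules) {
        if ($rule.When) {
            # Skip rules whose "If <X> is True" precondition is not met on this device.
            $gates = @($rule.When | Where-Object { $Settings.PSObject.Properties[$_] -and $Settings.$_ -eq $true })
            if ($gates.Count -eq 0) { continue }
        }
        $prop = $Settings.PSObject.Properties[$rule.Name]
        if ($null -eq $prop) {
            # Older module versions do not report the MMIO properties at all; flag that instead of assuming a pass.
            [pscustomobject]@{ Property = $rule.Name; Actual = '(not reported)'; Expected = $rule.Expected
                               Action = 'Property missing: update the SpeculationControl module and re-run.' }
        }
        elseif ($prop.Value -ne $rule.Expected) {
            [pscustomobject]@{ Property = $rule.Name; Actual = $prop.Value; Expected = $rule.Expected; Action = $rule.Action }
        }
    }
    # An empty result means every applicable property matches the fully mitigated baseline.
    return @($findings)
}

# Constructed sample object (not a real device capture), loosely modeled on the article's first sample output:
# SSBD hardware support is missing, so SSBD is not enabled system-wide, and one MMIO property is absent.
$sample = [pscustomobject]@{
    BTIHardwarePresent = $true;  BTIWindowsSupportPresent = $true;  BTIWindowsSupportEnabled = $true
    BTIDisabledBySystemPolicy = $false;  BTIDisabledByNoHardwareSupport = $false
    KVAShadowRequired = $true;  KVAShadowWindowsSupportPresent = $true;  KVAShadowWindowsSupportEnabled = $true
    SSBDHardwareVulnerable = $true;  SSBDWindowsSupportPresent = $true;  SSBDHardwarePresent = $false
    SSBDWindowsSupportEnabledSystemWide = $false
    L1TFHardwareVulnerable = $true;  L1TFWindowsSupportPresent = $true;  L1TFWindowsSupportEnabled = $true
    MDSHardwareVulnerable = $true;  MDSWindowsSupportPresent = $true;  MDSWindowsSupportEnabled = $true
    SBDRSSDPHardwareVulnerable = $true;  FBSDPHardwareVulnerable = $true;  PSDPHardwareVulnerable = $true
    FBClearWindowsSupportPresent = $true   # FBClearWindowsSupportEnabled intentionally omitted
}
Test-SpeculationControlBaseline -Settings $sample | Format-Table -AutoSize
# On a live device: Test-SpeculationControlBaseline -Settings (Get-SpeculationControlSettings)
```

Run it on a device after importing the module as described in Method 1 or Method 2; an empty table means every applicable property already matches the baseline.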

Registry

The following table maps the output to the registry keys that are covered in KB4072698: Windows Server and Azure Stack HCI guidance to protect against silicon-based microarchitectural and speculative execution side-channel vulnerabilities.

Registry key                      Mapping
FeatureSettingsOverride – Bit 0   Branch target injection - BTIWindowsSupportEnabled
FeatureSettingsOverride – Bit 1   Rogue data cache load - KVAShadowWindowsSupportEnabled
