This post has been republished via RSS; it originally appeared at: Configuration Manager Blog articles.
First published on TECHNET on Aug 02, 2018We have updated the Speculation Execution Side-Channel Vulnerabilities Configuration Baseline . The updated baseline now includes support for verifying the protections for CVE-2018-3639 (Speculative store bypass) in addition to the previously supported CVE-2017-5715 and CVE-2017-5754.
Download the updated baseline
This configuration baseline is used to confirm whether a system has enabled the protections needed for the speculative-execution side-channel vulnerabilities as described in Microsoft Security Advisory ADV180002 and Microsoft Security Advisory ADV 180012 . It is based on the functionality in the PowerShell module Get_SpeculationControlSettings . It requires at least PowerShell 3.0.
Read more about mitigating speculative execution side-channel vulnerabilities for Configuration Manager environments