Meltdown
Scripts downloads and runs Microsoft’s KB4078130 patch. This script disables Intel Microcode meant to mitigate against Spectre variant 2. Machines running this KB will be vulnerable to Spectre attack vectors from malicious third parties. This KB will do nothing on machines that have not yet installed the new Microcode firmware update for their Intel CPU.
Read MoreScript checks for the existence of 2 registry keys. Then sets them to enable Spectre Mitigation. If the machine is a server, there will be a 3rd registry key that will be checked as well. Script will report the result of these checks. More details here. Report using $Spectre2$. Use the following video to setup…
Read MoreScripts checks for 2 registry keys to be set to enable patching. If the machine is a server, there will be a 3rd registry key that will be checked as well. Script will report the result of these checks. Can Report using $MeltSpecPatch$. Use the following video to setup reports based on script tags.
Read MoreScript checks for the existence of 2 registry keys. Then sets them to disable Spectre Mitigation. Script will report the result of these checks. More information here. Can Report using $Spectre2$. Use the following video to setup reports based on script tags.
Read MoreScripts checks for 2 registry keys to be set to disable patching. If the machine is a server, there will be a 3rd registry key that will be checked (removed). Script will report the result of these checks. Can Build a Report using $MeltSpecPatch$. Use the following video to setup reports based on script tags.
Read MoreInstalls PS module and runs powershell command Get-SpeculationControlSettings. Outputs the results to a file and reports to the procedure log. Procedure log will indicate if patching may be required. Should work on Powershell 3.0 or later. Results are saved to custom variable (“updateSystemInfo” lines will need to be edited to link to your variable). It…
Read MoreImports PS module and runs powershell command Get-SpeculationControlSettings. Outputs the results to a file and reports to the procedure log. Procedure log will indicate if patching may be required. Should work on Powershell 3.0 or later. Can run report using tags: $Meltdown$, $MetldownPatch$, $NoMeltdownPatch$, $MeltdownLog$. $Meltdown$ is the same as $MeltdownPatch$ but works across multiple…
Read MoreFolder containing all the current meltdown scripts: Meltdown Reg Key Audit Meltdown Reg Key Force Add Meltdown/Spectre Vulnerability Check Meltdown/Spectre Vulnerability Check (w/ Tags)
Read MoreThis agent procedure will create the registry key “HKEY_LOCAL_MACHINE:\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat” Value=”cadca5fe-87d3-4b96-b7fb-a231484277cc” Type=”REG_DWORD” on any Windows machine using a powershell script. The registry key is not always required to get the Windows Update to protect against the Meltdown vulnerability. It is advised to check the list of Antivirus at: https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?sle=true#gid=0 You can find more information on this…
Read MoreThis agent procedure will check for the existence of the registry key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc” using a powershell script. Can report using $Meltdown$, $MeltdownKey$, $NoMeltdownKey$. $Meltdown$ is the same as $MeltdownKey$ but works across multiple scripts. $NoMeltdownKey$ will only show machines that are missing the key.
Read More