Speculation Control Validation PowerShell Script

This is described in the blog topic: "Windows Server guidance to protect against the speculative execution side-channel vulnerabilities."

 
 
 
 
 
4.4 Star
(20)
70,005 times
Add to favorites
Security
9/5/2018
E-mail Twitter del.icio.us Digg Facebook
  • SpeculationControl.zip empty
    3 Posts | Last post January 11, 2018
    • SpeculationControl.zip empty!!
      there is nothing in zip files!!
    • Try to download it again.
    • After 5 times dowloading the zip is still empty. Can you please check?
  • The zip file is empty.
    1 Posts | Last post January 11, 2018
    • Where could we find correct one?
  • SpeculationControl on VirtualMachine
    3 Posts | Last post January 10, 2018
    • we patched our Hardware (Bios), ESXi and GuestOS but SpeculationControl is still telling "disabled by absence of hardware support: True"
      
      is your script compatible with Virtual Machines!?
    • We've the same issue, looks like the fix has just landed for VMWare guest OS, dated 09-01-2018: https://kb.vmware.com/s/article/52208.
      This ESXi patch provides part of the hypervisor-assisted guest remediation of CVE-2017-5715 for guest operating systems. For important details on this remediation, see VMware Security Advisory VMSA-2018-0004.
    • installed the VM Patche and PowerOff/PowerON our VMs (reboot was not enough) updated to HW Version 11. Now all are green.
      
      thx
  • File is 0 bytes
    3 Posts | Last post January 10, 2018
    • Ive tried to download in all the browsers I have and its always 0 bytes. Windows blocks the file but that doesn't help either. 
    • Same problem. Tried 3 different systems.
    • The same situation
  • Worked great! What's it mean?
    4 Posts | Last post January 10, 2018
    • Extracted and ran. Worked fine on Windows 10 and Server 2012 R2 (VM). How to I interpret the results? What do all these things mean? Good/Bad?
      BTIHardwarePresent             : False
      BTIWindowsSupportPresent       : False
      BTIWindowsSupportEnabled       : False
      BTIDisabledBySystemPolicy      : False
      BTIDisabledByNoHardwareSupport : False
      KVAShadowRequired              : True
      KVAShadowWindowsSupportPresent : False
      KVAShadowWindowsSupportEnabled : False
      KVAShadowPcidEnabled           : False
    • I have the same question. I'm trying to come up with remediations for each item that is needed, but these descriptions are a little confusing. 
    • All must be True for a 100% protected OS. Like this:
      
      Speculation control settings for CVE-2017-5715 [branch target injection]
      Hardware support for branch target injection mitigation is present: True
      Windows OS support for branch target injection mitigation is present: True
      Windows OS support for branch target injection mitigation is enabled: True
      
      Speculation control settings for CVE-2017-5754 [rogue data cache load]
      Hardware requires kernel VA shadowing: True
      Windows OS support for kernel VA shadow is present: True
      Windows OS support for kernel VA shadow is enabled: True
      Windows OS support for PCID optimization is enabled: True
      
      BTI = branch target injection 
      kVAShadow = kernel VA shadow 
    • MS heard you. See next link:
      https://support.microsoft.com/en-us/help/4074629/understanding-the-output-of-get-speculationcontrolsettings-powershell
  • Module Import Failure
    4 Posts | Last post January 09, 2018
    • I downloaded and extracted the ZIP file, but when I run the execution steps in the description (Win7 x64 Pro), I get an error when trying to import the module:
      ---
      Import-Module : The 'C:\Users\<user>\SpeculationControl\SpeculationControl.psd1' module cannot be imported because its manifest contains one or more members that are not valid. The valid manifest members are ('ModuleToProcess', 'NestedModules', 'GUID', 'Author', 'CompanyName', 'Copyright', 'ModuleVersion', 'Description', 'PowerShellVersion', 'PowerShellHostName', 'PowerShellHostVersion', 'CLRVersion', 'DotNetFrameworkVersion', 'ProcessorArchitecture', 'RequiredModules', 'TypesToProcess', 'FormatsToProcess', 'ScriptsToProcess', 'PrivateData', 'RequiredAssemblies', 'ModuleList', 'FileList', 'FunctionsToExport', 'VariablesToExport', 'AliasesToExport', 'CmdletsToExport'). Remove the members that are not valid ('RootModule'), then try to import the module again.
      At line:1 char:14
      + import-module <<<<  .\SpeculationControl.psd1
          + CategoryInfo          : InvalidData: (C:\Users\<user>\Sp...ionControl.psd1:String) [Import-Module], InvalidOperationException
          + FullyQualifiedErrorId : Modules_InvalidManifestMember,Microsoft.PowerShell.Commands.ImportModuleCommand
      ---
      Any ideas?
    • Sorry, not an answer, but I'm getting the same thing.  Works fine on win10 but doesn't appear to work on win7x64.  I assume upgrading wmf might resolve ?
      
      Name                           Value
      ----                           -----
      CLRVersion                     2.0.50727.8762
      BuildVersion                   6.1.7601.23403
      PSVersion                      2.0
      WSManStackVersion              2.0
      PSCompatibleVersions           {1.0, 2.0}
      SerializationVersion           1.1.0.1
      PSRemotingProtocolVersion      2.1
    • You'll need upgrade from PS2.0 - suggest installing the latest available WMF version.
    • Thanks, Andy.  That did the trick.  Didn't realize PS hadn't been updated on my PC.
  • MS's description here says it has been tested on Win 7, but doesn't work
    2 Posts | Last post January 09, 2018
    • When attempting to execute the "Import-module ..." command, PS reports invalid members of the manifest in the SpeculationControl.psd1 file.  Specifically "Root-Module" is invalid.  Please fix and re-post a new script.
    • Try changing "Root-Module" to "ModuleToProcess" in SpeculationControl.psd1
  • zip file size zero and content empty
    2 Posts | Last post January 09, 2018
    • I could download speculationcontrol.zip successfully about 4 hours ago. but I can't download now (from about 1 hour ago)  , downloaded file's size 0 byte and content empty.
    • zip download issue seems to be resolved.
  • SpeculationControl.zip is empty / 0 bytes
    1 Posts | Last post January 09, 2018
    • Please advise cheers
  • SpeculationControl.zip
    1 Posts | Last post January 08, 2018
41 - 50 of 63 Items