Variant 1.1 (Bounds Check Bypass Store) is now mentioned in the Windows Client Guidance, but strangely I can't find any information about either of the new vulnerabilities on the Intel web site.
Q16. I heard that CVE-2018-3693 (Bounds Check Bypass Store) is related to Spectre. Will Microsoft release mitigations for it?
A16. Bounds Check Bypass Store (BCBS) was disclosed on July 10, 2018 and assigned CVE-2018-3693. We consider BCBS to belong to the same class of vulnerabilities as Bounds Check Bypass (Variant 1). We are not currently aware of any instances of BCBS in our software, but we are continuing to research this vulnerability class and will work with industry partners to release mitigations as required. We continue to encourage researchers to submit any relevant findings to Microsoft’s Speculative Execution Side Channel bounty program, including any exploitable instances of BCBS. Software developers should review the developer guidance that has been updated for BCBS at https://aka.ms/sescdevguide.
Variant 1.1 (Bounds Check Bypass Store) is now mentioned in the Windows Client Guidance, but strangely I can't find any information about either of the new vulnerabilities on the Intel web site.
Due to the limitations of the InSpectre tool as is, I am attempting to validate Variant 4 patching against SSB via the PowerShell script.
I can't seem to get it activated despite following the notes. It validates that Variant 1 (not 1.1 or 1.2) & 2 patching is active.
I have applied the registry keys, rebooted and ran the script as Adminstrator.
Anyone else tried it?
I tried, and SSBD isnt enabled on this build. But a few build back, 17692 or something like that, its enabled. And PowerShell script tells me my CPU Microcode isnt patched for Spectre v4, but actually my microcode is the latest with both Spectre v3a/4 and I verified patching status of microcode under Linux....
I tried, and SSBD isnt enabled on this build. But a few build back, 17692 or something like that, its enabled. And PowerShell script tells me my CPU Microcode isnt patched for Spectre v4, but actually my microcode is the latest....
I've just come to try it on a machine that has exactly that. My desktop has the July MCU whereas the laptop has the April MCU (both via UEFI).
Edit: As you can guess, it made no difference. Not patched.
I had an advisory from Dell today about a UEFI update for a machine I no longer own (I returned it due to poor battery performance). It was an update to mitigate Intel-SA-00115 (Spectre 3a & 4) and Intel-SA-00118 (Intel ME CSME vulnerability) so it contained MCU and ME images.
So, you would hope that patching could be enabled in a production OS if the MCUs are being pushed by OEMs.
I tried, and SSBD isnt enabled on this build. But a few build back, 17692 or something like that, its enabled. And PowerShell script tells me my CPU Microcode isnt patched for Spectre v4, but actually my microcode is the latest with both Spectre v3a/4 and I verified patching status of microcode under Linux....
I did it.
Problem lay in the reg file I'd created, it's fixed now (and attached).
I also updated my version of WMF using PowerShell so I ran the WMF 5.1 version of the PS script not the alternate, had to install two (Nu-Get) updates. Imported the reg file as Admin, rebooted and ran the
Get-SpeculationControlSettings and got the desired response.
Computer Type: PC/Desktop System Manufacturer/Model Number: Custom OS: Windows 11 Pro x64 Version 23H2 CPU: i7-8700K Motherboard: Asus Maximus X Code - Z370 Memory: G.Skill Trident Z 3200MHz F4-3200C16D-16GTZ (2) 32GB Graphics Card: Intel UHD Graphics 630 Sound Card: Integrated ROG SupremeFX Monitor(s) Displays: Asus VP279 27", Samsung BX2431 24" Keyboard: das Keyboard MX Brown Mechanical Switches Model DASKMKPROSIL-3G7-r1.0 Mouse: Logitech MX Master 3 Wireless & Bluetooth PSU: Corsair RM 650i +Gold Case: Phanteks Enthroo Primo Cooling: Corsair Hydro H150i, 360mm Rad & Five Corsair 140mm Pro ML Case Fans Hard Drives: Samsung M.2 NVMe 960 EVO 500GB Boot,
Samsung 840 EVO 250GB (System Copy Drive),
Samsung 860 EVO 1TB (Primary Data Drive),
WD Black 500GB (Data Copy Drive) Internet Speed: 150Mb + Browser: Chrome, Firefox Antivirus: Malwarebytes Premium, SuperAntiSpyware Pro (Licensed) Other Info: Macrium (Licensed), Office 365, Wise Disk Cleaner, Crystal Disk Info
Read more:
Windows client guidance for IT Pros to protect against speculative execution side-channel vulnerabilities
Protect your Windows devices against speculative execution side-channel attacks
ADV190013 | Microsoft Guidance to mitigate...
Source: Mitigating speculative execution side channel hardware vulnerabilities Defense
See also: Microsoft Announcing Speculative Execution Bounty Program Launch - Windows 10 Forums