New
#260
Everything seems fine, except
Speculation control settings for CVE-2017-5754 [rogue data cache load]
Code:Hardware requires kernel VA shadowing: True Windows OS support for kernel VA shadow is present: True Windows OS support for kernel VA shadow is enabled: True Windows OS support for PCID performance optimization is enabled: False [not required for security]The falses in red should be true, that is weird!Code:KVAShadowPcidEnabled : False
Can you try the 0 value, last try, can you please try these command, run CMD as admin, and reboot windows after
Code:reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 0 /f reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f
Hey, I am getting the same result but thats okay thanks for trying to help me. I do have many macrium backups so I can roll back to 1809 17763.437 or 1809 17763.475.
No worries, I do appreciate all your efforts. Thanks againCode:Speculation control settings for CVE-2017-5715 [branch target injection] Hardware support for branch target injection mitigation is present: False Windows OS support for branch target injection mitigation is present: True Windows OS support for branch target injection mitigation is enabled: False Windows OS support for branch target injection mitigation is disabled by system policy: False Windows OS support for branch target injection mitigation is disabled by absence of hardware support: True Speculation control settings for CVE-2017-5754 [rogue data cache load] Hardware requires kernel VA shadowing: True Windows OS support for kernel VA shadow is present: True Windows OS support for kernel VA shadow is enabled: True Windows OS support for PCID performance optimization is enabled: False [not required for security] Speculation control settings for CVE-2018-3639 [speculative store bypass] Hardware is vulnerable to speculative store bypass: True Hardware support for speculative store bypass disable is present: False Windows OS support for speculative store bypass disable is present: True Windows OS support for speculative store bypass disable is enabled system-wide: False Speculation control settings for CVE-2018-3620 [L1 terminal fault] Hardware is vulnerable to L1 terminal fault: True Windows OS support for L1 terminal fault mitigation is present: True Windows OS support for L1 terminal fault mitigation is enabled: True Speculation control settings for MDS [microarchitectural data sampling] Windows OS support for MDS mitigation is present: True Hardware is vulnerable to MDS: True Windows OS support for MDS mitigation is enabled: False Suggested actions * Install BIOS/firmware update provided by your device OEM that enables hardware support for the branch target injection mitigation. * Follow the guidance for enabling Windows Client support for speculation control mitigations described in https://support.microsoft.com/help/4073119 BTIHardwarePresent : False BTIWindowsSupportPresent : True BTIWindowsSupportEnabled : False BTIDisabledBySystemPolicy : False BTIDisabledByNoHardwareSupport : True BTIKernelRetpolineEnabled : False BTIKernelImportOptimizationEnabled : False KVAShadowRequired : True KVAShadowWindowsSupportPresent : True KVAShadowWindowsSupportEnabled : True KVAShadowPcidEnabled : False SSBDWindowsSupportPresent : True SSBDHardwareVulnerable : True SSBDHardwarePresent : False SSBDWindowsSupportEnabledSystemWide : False L1TFHardwareVulnerable : True L1TFWindowsSupportPresent : True L1TFWindowsSupportEnabled : True L1TFInvalidPteBit : 45 L1DFlushSupported : False MDSWindowsSupportPresent : True MDSHardwareVulnerable : True MDSWindowsSupportEnabled : False
Don't rollback, this version has retpoline enabled by default, it is the best one to test mitigation,
I would not worry much about it, cuase your CPU is quite old, and most likely is not exposed to the vulnerabilities to begin with.
I will stick to the value 72 as it enables the MDS mitigation and wait for the new Microcode
Anyone?
Speculation control settings for CVE-2017-5715 [branch target injection]
Hardware support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: True
Speculation control settings for CVE-2017-5754 [rogue data cache load]
Hardware requires kernel VA shadowing: False
Speculation control settings for CVE-2018-3639 [speculative store bypass]
Hardware is vulnerable to speculative store bypass: True
Hardware support for speculative store bypass disable is present: True
Windows OS support for speculative store bypass disable is present: True
Windows OS support for speculative store bypass disable is enabled system-wide: True
Speculation control settings for CVE-2018-3620 [L1 terminal fault]
Hardware is vulnerable to L1 terminal fault: False
Speculation control settings for MDS [microarchitectural data sampling]
Windows OS support for MDS mitigation is present: True
Hardware is vulnerable to MDS: True
Windows OS support for MDS mitigation is enabled: False
BTIHardwarePresent : True
BTIWindowsSupportPresent : True
BTIWindowsSupportEnabled : True
BTIDisabledBySystemPolicy : False
BTIDisabledByNoHardwareSupport : False
BTIKernelRetpolineEnabled : False
BTIKernelImportOptimizationEnabled : False
KVAShadowRequired : False
KVAShadowWindowsSupportPresent : True
KVAShadowWindowsSupportEnabled : False
KVAShadowPcidEnabled : False
SSBDWindowsSupportPresent : True
SSBDHardwareVulnerable : True
SSBDHardwarePresent : True
SSBDWindowsSupportEnabledSystemWide : True
L1TFHardwareVulnerable : False
L1TFWindowsSupportPresent : True
L1TFWindowsSupportEnabled : False
L1TFInvalidPteBit : 0
L1DFlushSupported : True
MDSWindowsSupportPresent : True
MDSHardwareVulnerable : True
MDSWindowsSupportEnabled : False
Thanksss!!!
I already answered you Cumulative Update KB4494441 Windows 10 v1809 Build 17763.503 - May 14
Nothing to worry about
I told you, everything is fine, no need to worry! Everything is fine! You have a new CPU which is not exposed to all those CVE
Check the link I posted for you to be more sure.
here is the link again https://support.microsoft.com/en-in/...ngs-powershell