Microsoft has released a PowerShell test module to find out if your computer is sufficiently protected against Specter and Meltdown attacks.
Microsoft has made security patches for Windows available to users to limit Specter and Meltdown attacks. These patches are only part of the solution and it will be necessary to wait for the manufacturers to offer updates to the firmware of the computers so that the machines are completely protected. In the meantime, Windows 10 users can find out how well their machines are protected by using a PowerShell test module designed by Microsoft. This method may seem a bit complex to less experts, but you just need to carefully follow the commands to type to get it done. Here’s how to do it:
1 – Launch PowerShell
Right click on the start button and select on Windows PowerShell (admin). Note that PowerShell is a command language that allows you to chain a series of actions in the form of scripts.
2 – Install the test module
Type the command Install-Module SpeculationControl and validate. PowerShell will ask you for two consecutive permissions. Each time, type O (for Yes) and validate. There may be some waiting times between different requests so be patient.
3 – Save the execution rights of the modules
Type the command $ SaveExecutionPolicy = Get-ExecutionPolicy and validate. Then type Set-ExecutionPolicy RemoteSigned -Scope Currentuser to allow the test module to run and validate. Type O and confirm when PowerShell requests authorization. This will grant execution rights to the module that we have just installed.
4 – Launch the test module
Type the command Import-Module SpeculationControl and validate. To view the test results, type Get-SpeculationControlSettings and validate. In the screenshot below, the results show that Microsoft’s patch is installed to counter Meltdown (lines in green), but the computer’s firmware has not yet been patched (lines in red). which leaves the computer vulnerable to the Branch Target Injection attack (Specter variant 2). A summary lists the active protections (mention True) and those which are not (False).
5 – Restore the execution rights of the modules
You must now cancel the execution rights that were granted in step 3. Type the command Set-ExecutionPolicy $ SaveExecutionPolicy -Scope Currentuser and validate. Type O and confirm when PowerShell requests authorization.
Finally type exit and validate to quit PowerShell.