Check the state of Spectre and Meltdown mitigations on Windows
SpecuCheck is an open source program for Microsoft Windows devices that reveals the state of Spectre and Meltdown mitigations on the system it is run on.
In particular, it returns the state of software and hardware mitigations against CVE-2017-5754 (Meltdown), CVE-2017-5715 (Spectre v2), CVE-2018-3260 (Foreshadow), and CVE-2018-3639 (Spectre v4).
SpecuCheck is a command line tool that returns the state of mitigations against the listed vulnerabilities.
Some users may be turned away by the command line nature of the program; it is easy enough to use, however, and does not require elevated privileges.
Note: The developer suggests that users use Microsoft's PowerPoint CmdLet if they can to check the state of mitigations and SpecuCheck only for verification or research.
All you have to do is run specucheck.exe from the command line to get detailed mitigation information. The output is detailed; the most important information is whether mitigations are listed as enabled or not.
Users or admins who see "Your system either does not have the appropriate patch, or it may not support the information class required" should pay attention as it indicates that the system is vulnerable and not properly patched to mitigate the listed vulnerability.
How does it work?
[SpecuCheck] uses two new information classes that were added to the NtQuerySystemInformation API call as part of the recent patches introduced in January 2018 and reports the data as seen by the Windows Kernel.
The application provides no information or instructions to apply patches to protect the system against Spectre or Meltdown vulnerabilities. A good starting point is to search for the CVE on the Internet to find out how to download and install patches.
SpecuCheck is not the first tool to check whether a particular system is vulnerable and patched. Microsoft released a PowerShell tool to check if PCs are affected by Meltdown or Spectre, and there is also InSpectre by Gibson Research which does the same.
SpecuCheck is a useful tool to quickly check the state of Spectre and Meltdown mitigations on a system.
While it is suggested to use Microsoft's PowerShell tool to verify the findings, SpecuCheck does provide users and admins with a quick overview of the patched state of the system.Advertisement