Manage Speculative Execution Settings Script for Windows - gHacks Tech News

Manage Speculative Execution Settings Script for Windows

Manage Speculative Execution Settings Script is a batch file for Microsoft Windows devices to check and manage the Speculative Execution Protection status on the system.

Speculative Execution side-channel attacks are a new class of vulnerabilities that started to make waves in early 2018 when it was discovered that nearly any device was considered vulnerable.

Microsoft released a lot of patches to address certain variants, e.g. Spectre V4, or Spectre 1.1 and 1.2. Tools have been created to check a PC for patches and you may use Gibson's free InSpectre tool or scripts by Microsoft to find out if a PC is vulnerable.

Manage Speculative Execution Settings Script

manage speculative execution protection settings

You can download the latest version of the script from Majorgeeks; just extract it after the download to get started. You can open the batch file in a plain text editor to verify that it is safe. Note that you need to run the batch file with administrative privileges.

When you run it for the first time you need to allow it to download an additional control script from the Internet. The script is needed for functionality and you cannot do anything if you don't allow it.

A list of options is displayed after the download. The following options are provided:

  1. Check Speculative Execution Protection Status
  2. Enable Mitigations for Spectre Variant 2 and Meltdown.
  3. Disable Mitigations for Spectre Variant 2.
  4. AMD and ARM only: Enable Full Mitigation for Spectre variant 2.
  5. Enable Mitigations for Speculative Store Bypass, Spectre Variant 2 and Meltdown.
  6. AMD Processors only: Enable Fill Mitigation for Spectre variant 2 and Speculative Store Bypass.
  7. Enable Mitigations for Microarchitectural Data Sampling along with Spectre and Meltdown variants.
  8. Same as 7 but with Hyper-Threading disabled.
  9. Disable all Speculative Execution Protection Mitigations.
  10. Speculative Control Module Installation Menu.
  11. More Information and Reference.

A tap on 1 displays the current status of protections; it is a good idea to start here to find out which protections are already in place and which are not; this part seems to use Microsoft's script.

current protection status

You may use the script to enable or disable certain protections. Note that you may need a certain Windows patch level to protect against certain attack variants.

One of the downsides of using the script is that it does not highlight if certain protections are enabled or disabled in the main menu. You need to verify the status first before you make a decision.

Closing Words

The script is certainly an advanced tool that system administrators and tech savvy users may find useful in certain situations.

Now you: how do you handle protections and mitigations?

Summary
software image
Author Rating
1star1star1stargraygray
4.5 based on 2 votes
Software Name
Manage Speculative Execution Settings Script
Operating System
Windows
Software Category
Administration
Advertisement

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:


Previous Post: «
Next Post: »

Comments

  1. Doubter said on August 6, 2019 at 1:13 pm
    Reply

    Has anyone audited what is downloaded?

    Why is this hosted on Majorgeeks?

    1. Martin Brinkmann said on August 6, 2019 at 1:18 pm
      Reply

      I think the script has been published on My Digital Life, a forum that requires registration to download files. It downloads Microsoft’s SpeculationControl script https://github.com/microsoft/SpeculationControl/blob/master/README.md

  2. PanamaVet said on August 6, 2019 at 2:36 pm
    Reply

    This software requires Admin privilege execution.

    It should only come from a trusted source.

    Think of the damage it could do to GHacks.

    1. LogicDaemon said on August 6, 2019 at 9:59 pm
      Reply

      Windows is from Microsoft too. Think of the damage it could do to GHacks.

      Jokes aside, there’s github link in the article, have you had a glance on it?

    2. LogicDaemon said on August 6, 2019 at 10:01 pm
      Reply

      my bad, actually github link is in Martin’s comment, which still was added half an hour before yours :)

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.