Microsoft publishes new Registry security mitigation for Intel processors (Spectre)

Martin Brinkmann
Apr 15, 2024
Updated • Apr 15, 2024
Security, Windows 10, Windows 11 News
|
11

About six years ago, vulnerabilities were discovered that affected most Intel and AMD processors. The vulnerabilities, Spectre and Meltdown, can be exploited to read sensitive data from attacked computer systems.

Intel released an update for one of the Spectre variants, disclosed officially on March 8, 2022. Microsoft implemented mitigations in client and server versions of Windows as a response to this.

These are disabled by default. The main reason for this seems to be potential performance impacts that comes with the implementation.

This guide walks you through the steps of configuring Windows to enable the mitigations and finding out if your processor is affected.

Is your processor affected?

The very first thing you may want to do is check if your processor is on Intel's list of affected CPUs.

  • If it is on the list, you may enable the mitigation to protect the system against potential attacks.
  • If it is not on the list, you can skip the remainder of the article.

Here is how you find out:

  1. Open Start > Settings > System > About and check the listed processor.
  2. Load the following two resource websites: Nist.gov and Intel's Affected Processors website.

Check to see if the installed processor is listed on these websites. You may want to use the browser's search to find the information quickly.

Microsoft's Registry tweak to protect against the vulnerability

Intel Spectre Mitigation

If your processor is on the list, you may change the Registry keys to enable the mitigations.

Note: implementation may affect performance. While I cannot recommend not enabling these mitigations, the risk of attacks against home PCs is most of the time neglectable.

Backup: it is highly recommended to back up the system drive before implementing the mitigation. Not with Windows' Backup App, which is useless for the purpose, but with a full backup program like Paragon Backup & Recovery Free.

Here is what you need to do on Windows devices and clients to mitigate CVE-2022-0001:

  1. Open Start, type CMD, and select Run as administrator. This launches an elevated command prompt window.
  2. Confirm the UAC prompt by selecting yes.
  3. Execute the following two commands by pasting them and pressing the Enter-key after each:
    1. reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 0x00800000 /f
    2. reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 0x00000003 /f
  4. Restart the computer after both Registry keys have been added.

Tip: you may want to monitor performance to make sure that day-to-day operations are not severely impacted by the mitigation.

Interestingly enough, Microsoft has also revealed how Linux users may mitigate the vulnerability: "Specify spectre_bhi=on on the kernel command line".

Closing Words

While it may be critical for organizations to implement the mitigation, risks of attacks are relatively low for home users.

What about you? Have you implemented Spectre / Meltdown mitigations on your PCs? (via Neowin)

Summary
Microsoft publishes new Registry mitigation for Intel processors (Spectre)
Article Name
Microsoft publishes new Registry mitigation for Intel processors (Spectre)
Description
Microsoft published a new mitigation that protects Windows devices with Intel processors against attacks exploiting a vulnerability called Spectre.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. MJ said on April 18, 2024 at 1:12 am
    Reply

    Note that the intel list link only goes back to 2018 processors. Older ones, like sandy bridge 2nd gen Core i3’s are affected to some extent as well. They should have a patch out by now. Uknown if this would slow down your processor like some have reported in the past.

  2. pHROZEN gHOST said on April 16, 2024 at 2:46 pm
    Reply

    My XEON E5-1620 is not on the lists :-)

  3. VioletMoon said on April 15, 2024 at 4:17 pm
    Reply

    Martin, interesting use of “neglectable.” The word is archaic and practically useless; however, the way it’s used in the article wouldn’t be incorrect–maybe awkward for many readers when most writers would use “negligible.”

    Other sites claim the flaw, “Affects most Intel CPUs since 2015.” I’ll just enter those registry hacky things and see what happens.

    No, I think I’ll leave my registry alone.

  4. John said on April 15, 2024 at 3:36 pm
    Reply

    I won’t enable it on any of my PC’s. Never felt the Spectre or Meltdown was that much of a real world attack vector.

  5. Anonymous said on April 15, 2024 at 2:32 pm
    Reply

    Thanks for the article, Martin.

  6. TelV said on April 15, 2024 at 12:09 pm
    Reply

    Forgot to mention that when I contacted Acer (the laptop is an Aspire V3-772G with an Intel Core i5 4200m CPU) about this mysterious machine and gave them the SNID they said the machine doesn’t exist even after using their own CPU identification app.

    I bought it from Dixons in Amsterdam back in 2014 and at €850 it seemed a good deal at the time, but about six months later they went out of business in the Netherlands.

    Still running Windows 8.1 Home after using GRC’s Never10 app to avoid the Windows 10 installation.

  7. TelV said on April 15, 2024 at 11:51 am
    Reply

    Whenever I’ve checked in the past and have tried to install the updates for my Haswell CPU it always results in the message “Processor unknown” and exits the setup.

  8. Mr Stank said on April 15, 2024 at 11:42 am
    Reply

    Mitigate this, mitigate that, cripples the processor performance, then go buy a new/faster processor to do your work like a human being (aka spend more money). Thanx but no thanx.

    1. pHROZEN gHOST said on April 16, 2024 at 2:47 pm
      Reply

      Agreed. So many packages you have to install to “stay safe”. And some of them have their own impacts.

  9. John G. said on April 15, 2024 at 11:06 am
    Reply

    These mitigations should be enabled by default.
    Thanks for the article! :]

  10. Sebas said on April 15, 2024 at 9:13 am
    Reply

    No I won’t implement that. I think it is better to make an image once a week, sometimes more. I start Macrium with a bootable USB stick, then make the image. It never has let me down. But to each his own.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.