Utility for mitigations CVE-2017-5715 and CVE-2017-5754 status check

Discussion in 'Operating Systems' started by mbk1969, Jan 10, 2018.

  1. tsunami231

    tsunami231 Ancient Guru

    Messages:
    12,314
    Likes Received:
    989
    GPU:
    EVGA 1070Ti Black
    No go, maybe I have gnomes at work? XD

    Code:
    Speculation control settings for CVE-2017-5715 [branch target injection]
    
    Querying branch target injection information failed with error: 0xC0000003, The parameter is incorrect
    Hardware support for branch target injection mitigation is present: False
    Windows OS support for branch target injection mitigation is present: False
    Windows OS support for branch target injection mitigation is enabled: False
    
    BpbEnabled            : False
    BpbDisabledSystemPolicy        : False
    BpbDisabledNoHardwareSupport    : False
    HwReg1Enumerated        : False
    HwReg2Enumerated        : False
    HwMode1Present            : False
    HwMode2Present            : False
    SmepPresent            : False
    
    
    
    Speculation control settings for CVE-2017-5754 [rogue data cache load]
    
    Hardware requires kernel VA shadowing: True
    Windows OS support for kernel VA shadow is present: True
    Windows OS support for kernel VA shadow is enabled: True
    Windows OS support for PCID performance optimization is enabled: True [not required for security]
    
    KvaShadowEnabled    : True
    KvaShadowUserGlobal    : False
    KvaShadowPcid        : True
    KvaShadowInvpcid        : True
    
    
    
    Additional CPU information
    
    Name: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
    Description: Intel64 Family 6 Model 94 Stepping 3
    CPUID: 0x000506E3
    
    
    
    Additional OS information
    
    Name: Microsoft Windows 10 Pro
    Architecture: 64-bit
    Build: 15063
    SKU: 48
    Service Pack: 0.0
    
     
  2. mbk1969

    mbk1969 Ancient Guru

    Messages:
    11,486
    Likes Received:
    9,191
    GPU:
    GF RTX 2070 Super

    And I was being blind all this time - I just discovered that my utility was built all this time as a 32-bit application (Visual Studio decided so back at work). So I just changed that to be 64-bit (in 64-bit OS) and please, try for the last time
    http://www.mediafire.com/file/2321zihyiaefbzj/MitigationStatus.zip
     
  3. tsunami231

    tsunami231 Ancient Guru

    Guess what, it was all a brain fart!!

    ran normal or as admin

    Code:
    Speculation control settings for CVE-2017-5715 [branch target injection]
    
    Hardware support for branch target injection mitigation is present: False
    Windows OS support for branch target injection mitigation is present: True
    Windows OS support for branch target injection mitigation is enabled: False
    Windows OS support for branch target injection mitigation is disabled by system policy: False
    Windows OS support for branch target injection mitigation is disabled by absence of hardware support: True
    
    BpbEnabled            : False
    BpbDisabledSystemPolicy        : False
    BpbDisabledNoHardwareSupport    : True
    HwReg1Enumerated        : False
    HwReg2Enumerated        : False
    HwMode1Present            : False
    HwMode2Present            : False
    SmepPresent            : True
    
    
    
    Speculation control settings for CVE-2017-5754 [rogue data cache load]
    
    Hardware requires kernel VA shadowing: True
    Windows OS support for kernel VA shadow is present: True
    Windows OS support for kernel VA shadow is enabled: True
    Windows OS support for PCID performance optimization is enabled: True [not required for security]
    
    KvaShadowEnabled    : True
    KvaShadowUserGlobal    : False
    KvaShadowPcid        : True
    KvaShadowInvpcid        : True
    
    
    
    Additional CPU information
    
    Name: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
    Description: Intel64 Family 6 Model 94 Stepping 3
    CPUID: 0x000506E3
    
    
    
    Additional OS information
    
    Name: Microsoft Windows 10 Pro
    Architecture: 64-bit
    Build: 15063
    SKU: 48
    Service Pack: 0.0
    


    Not sure if you're patting yourself on the back or kicking yourself, but success!!!
     
  4. mbk1969

    mbk1969 Ancient Guru

    Phewww... First - kick for overlooking this simplest thing, then - pat for noticing (finally).

    There is a good joke: experience is the most valuable thing, which lets you know that you have made this error already.

    Now question - remove all additional values:

    BpbEnabled : False
    BpbDisabledSystemPolicy : False
    BpbDisabledNoHardwareSupport : True
    HwReg1Enumerated : False
    HwReg2Enumerated : False
    HwMode1Present : False
    HwMode2Present : False
    SmepPresent : True

    and

    KvaShadowEnabled : True
    KvaShadowUserGlobal : False
    KvaShadowPcid : True
    KvaShadowInvpcid : True

    or leave them to be?
     

  5. tsunami231

    tsunami231 Ancient Guru

    Up to you, I'm not sure what those other entries are even for.

    Keep if you're a completist or OCD maniac like me?
     
    Last edited: Jan 13, 2018
  6. AMDMan2016

    AMDMan2016 Active Member

    Messages:
    76
    Likes Received:
    6
    GPU:
    Geforce 1660 Super
    Here are the results for the latest MitigationStatus

    PHP:
    Speculation control settings for CVE-2017-5715 [branch target injection]

    Hardware support for branch target injection mitigation is present: False
    Windows OS support for branch target injection mitigation is present: True
    Windows OS support for branch target injection mitigation is enabled: False
    Windows OS support for branch target injection mitigation is disabled by system policy: False
    Windows OS support for branch target injection mitigation is disabled by absence of hardware support: True

    BpbEnabled            : False
    BpbDisabledSystemPolicy        : False
    BpbDisabledNoHardwareSupport    : True
    HwReg1Enumerated        : False
    HwReg2Enumerated        : False
    HwMode1Present            : False
    HwMode2Present            : False
    SmepPresent            : True



    Speculation control settings for CVE-2017-5754 [rogue data cache load]

    Hardware requires kernel VA shadowing: True
    Windows OS support for kernel VA shadow is present: True
    Windows OS support for kernel VA shadow is enabled: True
    Windows OS support for PCID performance optimization is enabled: True [not required for security]

    KvaShadowEnabled    : True
    KvaShadowUserGlobal    : False
    KvaShadowPcid        : True
    KvaShadowInvpcid        : True



    Additional CPU information

    Name: Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz
    Description: Intel64 Family 6 Model 158 Stepping 9
    CPUID: 0x000906E9



    Additional OS information

    Name: Microsoft Windows 10 Pro
    Architecture: 64-bit
    Build: 16299
    SKU: 48
    Service Pack: 0.0
     
  7. mbk1969

    mbk1969 Ancient Guru

  8. tsunami231

    tsunami231 Ancient Guru

    Like I said, you go above and beyond, like extraordinary, on these forums.
     
    akbaar likes this.
  9. mbk1969

    mbk1969 Ancient Guru

    I have an ambitious thought to crack the method used by Microsoft to update CPU microcode - to be able to update microcode at will (and to be able to not touch BIOS).

    PS It was fun but right now I need to dream happy programmer dreams.
     
    akbaar likes this.
  10. anticupidon

    anticupidon Ancient Guru

    Messages:
    6,297
    Likes Received:
    2,646
    GPU:
    Polaris/Vega/Navi
    Code:
    Checking for vulnerabilities against running kernel Linux 4.14.13-1-ARCH #1 SMP PREEMPT Wed Jan 10 11:14:50 UTC 2018 x86_64
    CPU is Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
    
    CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
    * Checking count of LFENCE opcodes in kernel:  NO
    > STATUS:  VULNERABLE  (only 21 opcodes found, should be >= 70, heuristic to be improved when official patches become available)
    
    CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
    * Mitigation 1
    *   Hardware (CPU microcode) support for mitigation:  YES
    *   Kernel support for IBRS:  NO
    *   IBRS enabled for Kernel space:  NO
    *   IBRS enabled for User space:  NO
    * Mitigation 2
    *   Kernel compiled with retpoline option:  NO
    *   Kernel compiled with a retpoline-aware compiler:  NO
    > STATUS:  VULNERABLE  (IBRS hardware + kernel support OR kernel with retpoline are needed to mitigate the vulnerability)
    
    CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
    * Kernel supports Page Table Isolation (PTI):  YES
    * PTI enabled and active:  YES
    > STATUS:  NOT VULNERABLE  (PTI mitigates the vulnerability)
    
    A false sense of security is worse than no security at all, see --disclaimer
    Here is what I get from my main computer, I guess *Nixes are getting the same sauce as the rest of the world.
     

  11. vLaDv

    vLaDv New Member

    Messages:
    4
    Likes Received:
    0
    GPU:
    Gainward GTX 570 GS-GLH
    I used this utility as administrator on my unpatched Windows 10 Pro system and I wanna know what THESE messages mean: Querying branch target injection information failed with error: 0xC0000003, The parameter is incorrect + Querying kernel VA shadow information failed with error: 0xC0000003, The parameter is incorrect ? Thanks!
     
  12. tsunami231

    tsunami231 Ancient Guru

    You're not using a 32-bit version of Windows, are you?
     
  13. mbk1969

    mbk1969 Ancient Guru

    The utility (and the PowerShell script from MS) uses a Win API function to test the state of mitigations. On unpatched Windows this function returns either the 0xC0000003 or the 0xC0000002 error code. This allows distinguishing a patched Windows from an unpatched one. Both errors just mean that the function doesn't understand the parameters passed in. And the patch simply adds support for those parameters.
    Here are two values of error for that:

    MessageId: STATUS_NOT_IMPLEMENTED
    MessageText: {Not Implemented} The requested operation is not implemented.
    #define STATUS_NOT_IMPLEMENTED ((NTSTATUS)0xC0000002)

    MessageId: STATUS_INVALID_INFO_CLASS
    MessageText: {Invalid Parameter} The specified information class is not a valid information class for the specified object.
    #define STATUS_INVALID_INFO_CLASS ((NTSTATUS)0xC0000003)

    (https://msdn.microsoft.com/en-us/library/cc704588.aspx)

    I can bore you further. The mentioned function returns a so-called NTSTATUS error code instead of a so-called system error code. There is a special Win API function which gets the error message by NTSTATUS error code. But this function is too uncomfortable to call from .Net code. So instead I decided to use a special Win API function which converts the NTSTATUS error code into a system error code and then to use a special Win API function which gets the error message by system error code. Thus instead of the original message "Invalid Parameter" you see "The parameter is incorrect".
     
    Last edited: Jan 14, 2018
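
One way to triage saved MitigationStatus reports like those pasted in this thread, added here as an example (it is not part of the thread or the utility's code; function names and verdict strings are assumptions, and the sample text is trimmed from the output quoted above). It keys on the hex NTSTATUS value, because the message printed after it is the converted system error text described in the post above.

```python
import re

# NTSTATUS codes quoted in the post above; an unpatched kernel returns one of
# them because it does not know the information class being queried.
UNSUPPORTED = {0xC0000002: "STATUS_NOT_IMPLEMENTED",
               0xC0000003: "STATUS_INVALID_INFO_CLASS"}
SECTION = re.compile(r"Speculation control settings for (CVE-\d{4}-\d+)")
FAILED = re.compile(r"Querying .* failed with error: (0x[0-9A-Fa-f]{8})")
FLAG = re.compile(r"(\w+)\s*:\s*(True|False)$")
# First flag that is True decides the verdict (names as printed by the utility).
RULES = [("BpbEnabled", "mitigation enabled"),
         ("KvaShadowEnabled", "mitigation enabled"),
         ("BpbDisabledNoHardwareSupport", "OS support present, no hardware support"),
         ("BpbDisabledSystemPolicy", "disabled by system policy")]

def parse_report(text):
    """Map each CVE section to its query error (or None) and its raw flags."""
    report, cur = {}, None
    for line in map(str.strip, text.splitlines()):
        if m := SECTION.match(line):
            cur = report.setdefault(m[1], {"error": None, "flags": {}})
        elif line.startswith("Additional "):
            cur = None  # CPU/OS details follow, no more flags
        elif cur is not None and (m := FAILED.match(line)):
            cur["error"] = int(m[1], 16)
        elif cur is not None and (m := FLAG.match(line)):
            cur["flags"][m[1]] = m[2] == "True"
    return report

def verdict(sec):
    if sec["error"] is not None:  # flags are meaningless when the query failed
        return "query failed: " + UNSUPPORTED.get(sec["error"], "0x%08X" % sec["error"])
    for flag, text in RULES:
        if sec["flags"].get(flag):
            return text
    return "mitigation not enabled"

def triage(text):
    return {cve: verdict(sec) for cve, sec in parse_report(text).items()}

# Constructed samples, trimmed from the two reports quoted earlier in the thread.
BEFORE = """\
Speculation control settings for CVE-2017-5715 [branch target injection]
Querying branch target injection information failed with error: 0xC0000003, The parameter is incorrect
Speculation control settings for CVE-2017-5754 [rogue data cache load]
KvaShadowEnabled    : True
"""
AFTER = ("Speculation control settings for CVE-2017-5715 [branch target injection]\n"
         "BpbDisabledNoHardwareSupport    : True\n")
```
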
  14. Dragondale13

    Dragondale13 Ancient Guru

    Messages:
    1,500
    Likes Received:
    225
    GPU:
    GTX 1070 AMP! • H75
    This is what I'm getting.
    So if I were to try the VMware driver trick, it should read hardware support present: True?
    Speculation control settings for CVE-2017-5715 [branch target injection]

    Hardware support for branch target injection mitigation is present: False
    Windows OS support for branch target injection mitigation is present: True
    Windows OS support for branch target injection mitigation is enabled: False
    Windows OS support for branch target injection mitigation is disabled by system policy: False
    Windows OS support for branch target injection mitigation is disabled by absence of hardware support: True



    Speculation control settings for CVE-2017-5754 [rogue data cache load]

    Hardware requires kernel VA shadowing: True
    Windows OS support for kernel VA shadow is present: True
    Windows OS support for kernel VA shadow is enabled: True
    Windows OS support for PCID performance optimization is enabled: False [not required for security]



    Additional CPU information

    Name: Intel(R) Core(TM) i7-3930K CPU @ 3.20GHz
    Description: Intel64 Family 6 Model 45 Stepping 7
    CPUID: 0x000206D7



    Additional OS information

    Name: Microsoft Windows 10 Pro
    Architecture: 64-bit
    Build: 16299
    SKU: 48
    Service Pack: 0.0

    Edit: Enabled Mitigations through registry, installed the VMware microcode update and status checker says the same thing as the spoiler.
     
    Last edited: Jan 15, 2018
  15. mbk1969

    mbk1969 Ancient Guru

    It should, but only in case the CPU received updated microcode through the VMware driver. You can check that: go to "Event Viewer => System" and look for events from the "cpumcupdate" source. One event is about initialization of the driver and the second event is about whether newer microcode was loaded or not.
     

  16. Dragondale13

    Dragondale13 Ancient Guru

    I'll try again but I think it's a lost cause because I put the "new" MC into my BIOS and flashed it but still no dice. Intel put the date as 08012018 but internally nothing has changed for my CPU, it's still the same file as the old MC from 2014.
     
  17. mbk1969

    mbk1969 Ancient Guru

    It can be. Intel issues a whole package with microcodes, some updated, others not, but they are all part of the package issued at a specific date. Don't be discouraged yet, because Intel promised to update microcodes for many CPUs.
     
    Last edited: Jan 15, 2018
    Dragondale13 likes this.
  18. CrazY_Milojko

    CrazY_Milojko Ancient Guru

    Messages:
    2,426
    Likes Received:
    986
    GPU:
    Asus STRIX 1070 OC
    Looking at your spoiler above your Sandy Bridge-E based Core i7-3930K CPUID = 206D7, latest Intel CPU microcode in database:
    https://github.com/platomav/CPUMicrocodes/tree/master/Intel
    ...for it is 710 dated 2013-06-17

    Intel's latest CPU microcode package dated 2018-01-08 contains the latest Intel CPU microcodes but, as mbk1969 already said, not all of them are updated to mitigate the Meltdown/Spectre security flaw.
    These CPUs (taken from readme file) are the ones with fixed microcode:
    IVT C0 (06-3e-04:ed) 428->42a
    SKL-U/Y D0 (06-4e-03:c0) ba->c2
    BDW-U/Y E/F (06-3d-04:c0) 25->28
    HSW-ULT Cx/Dx (06-45-01:72) 20->21
    Crystalwell Cx (06-46-01:32) 17->18
    BDW-H E/G (06-47-01:22) 17->1b
    HSX-EX E0 (06-3f-04:80) 0f->10
    SKL-H/S R0 (06-5e-03:36) ba->c2
    HSW Cx/Dx (06-3c-03:32) 22->23
    HSX C0 (06-3f-02:6f) 3a->3b
    BDX-DE V0/V1 (06-56-02:10) 0f->14
    BDX-DE V2 (06-56-03:10) 700000d->7000011
    KBL-U/Y H0 (06-8e-09:c0) 62->80
    KBL Y0 / CFL D0 (06-8e-0a:c0) 70->80
    KBL-H/S B0 (06-9e-09:2a) 5e->80
    CFL U0 (06-9e-0a:22) 70->80
    CFL B0 (06-9e-0b:02) 72->80

    SKX H0 (06-55-04:b7) 2000035->200003c
    GLK B0 (06-7a-01:01) 1e->22

    edit:
    It looks like only those ones above bolded & underlined are the ones with microcode made on 2018-01-04 that contain the Meltdown/Spectre security flaw fix.
     
    Last edited: Jan 15, 2018
    Dragondale13 likes this.
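
How the CPUID values printed by the utility map onto the family-model-stepping keys of the readme lines quoted above, added here as an example (not from the thread or from Intel's package; function names are assumptions and README holds only a few of the quoted lines). A match means only that the package lists a revision change for that CPU.

```python
import re

# A few of the readme lines quoted in the post above (not the full list).
README = """\
IVT C0 (06-3e-04:ed) 428->42a
SKL-H/S R0 (06-5e-03:36) ba->c2
KBL-H/S B0 (06-9e-09:2a) 5e->80
BDX-DE V2 (06-56-03:10) 700000d->7000011
"""
# name (family-model-stepping:value) old_revision->new_revision, all hex.
# The value after the colon is parsed but treated as opaque here.
ENTRY = re.compile(r"^(.+?) \(([0-9a-f]{2}-[0-9a-f]{2}-[0-9a-f]{2}):([0-9a-f]+)\) "
                   r"([0-9a-f]+)->([0-9a-f]+)$")

def signature(cpuid):
    """Decode a CPUID signature such as 0x000506E3 into 'ff-mm-ss' (hex)."""
    stepping = cpuid & 0xF
    model = (cpuid >> 4) & 0xF
    family = (cpuid >> 8) & 0xF
    if family in (0x6, 0xF):   # extended model bits 19:16 apply to these families
        model |= ((cpuid >> 16) & 0xF) << 4
    if family == 0xF:          # extended family bits 27:20 are added only for 0xF
        family += (cpuid >> 20) & 0xFF
    return "%02x-%02x-%02x" % (family, model, stepping)

def parse_readme(text):
    """Map 'ff-mm-ss' to (name, old_revision, new_revision)."""
    table = {}
    for line in text.splitlines():
        if m := ENTRY.match(line.strip()):
            name, sig, _value, old, new = m.groups()
            table[sig] = (name, int(old, 16), int(new, 16))
    return table

def lookup(cpuid, table):
    """Return the readme entry for a CPUID value, or None if it is not listed."""
    return table.get(signature(cpuid))

if __name__ == "__main__":
    table = parse_readme(README)
    # CPUID values as printed in the reports posted in this thread.
    for cpuid in (0x000506E3, 0x000906E9, 0x000206D7):
        print("0x%08X" % cpuid, signature(cpuid), lookup(cpuid, table))
```
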
  19. Dragondale13

    Dragondale13 Ancient Guru

    @ mbk1969, CrazY_Milojko - I knew I wasn't going crazy yet. I'll just wait on Intel then, thanks for your help. Now to set back my system overclock when I get home. :)
     
  20. mbk1969

    mbk1969 Ancient Guru

    You understand, of course, that by applying a constant/permanent overclock you help hackers to finish the Spectre attack faster. Go for overclock for games and underclock for browsers. :cool:
     
