5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
7 High
AI Score
Confidence
High
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.975 High
EPSS
Percentile
100.0%
This host is missing a critical update
according to Microsoft KB4078130
# SPDX-FileCopyrightText: 2018 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.812678");
script_version("2023-07-20T05:05:18+0000");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_tag(name:"last_modification", value:"2023-07-20 05:05:18 +0000 (Thu, 20 Jul 2023)");
script_tag(name:"creation_date", value:"2018-01-29 16:17:29 +0530 (Mon, 29 Jan 2018)");
script_name("Spectre Variant 2 (CVE 2017-5715) Branch Target Injection Update Disable (KB4078130)");
script_tag(name:"summary", value:"This host is missing a critical update
according to Microsoft KB4078130");
script_tag(name:"vuldetect", value:"Check if the Spectre Variant 2 update is
disabled or not.");
script_tag(name:"insight", value:"Intel has reported issues with recently
released microcode meant to address Spectre variant 2 (CVE 2017-5715 Branch
Target Injection) specifically Intel noted that this microcode can cause
'higher than expected reboots and other unpredictable system behavior'. On
January 22, 2018 Intel recommended that customers stop deploying the current
microcode version on impacted processors while they perform additional testing
on the updated solution. While Intel tests, updates and deploys new microcode,
Microsoft is providing update KB4078130 that specifically disables only the
mitigation against CVE-2017-5715 'Branch target injection vulnerability'.
This update has been found to prevent the behavior described.");
script_tag(name:"impact", value:"Installing and enabling update for Spectre
Variant 2 may result in 'data loss or corruption'. Also system instability can
in some circumstances cause data loss or corruption.");
script_tag(name:"affected", value:"- Microsoft Windows Server 2016
- Microsoft Windows Server 2012 R2
- Microsoft Windows 8.1 for 32-bit/x64
- Microsoft Windows 10
- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2");
script_tag(name:"solution", value:"The vendor has released updates. Please see the references for more information.");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"registry");
script_xref(name:"URL", value:"https://support.microsoft.com/en-us/help/4078130");
script_xref(name:"URL", value:"https://newsroom.intel.com/news/root-cause-of-reboot-issue-identified-updated-guidance-for-customers-and-partners");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2018 Greenbone AG");
script_family("Windows : Microsoft Bulletins");
script_dependencies("smb_reg_service_pack.nasl");
script_require_ports(139, 445);
script_mandatory_keys("SMB/WindowsVersion");
exit(0);
}
include("smb_nt.inc");
include("secpod_reg.inc");
include("version_func.inc");
include("secpod_smb_func.inc");
if(hotfix_check_sp(win7:2, win7x64:2, win2008r2:2, win8_1:1, win8_1x64:1, win2012R2:1,
win2008:3, win2008x64:3, win2016:1, win10:1, win10x64:1) <= 0){
exit(0);
}
key = "SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" ;
override = registry_get_dword(key:key, item:"FeatureSettingsOverride");
overridemask = registry_get_dword(key:key, item:"FeatureSettingsOverrideMask");
if(!override || !overridemask)
exit(0);
if((override == 1 && overridemask == 1)|| (override == 3 && overridemask == 3)){
exit(0);
} else if((override == 0 && overridemask == 1) || (override == 0 && overridemask == 3))
{
report = report_fixed_ver(installed_version: "Spectre Variant 2 Mitigation Enabled", fixed_version: "Disable Spectre Variant 2 Mitigation");
security_message(data:report);
exit(0);
}
exit(0);
5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
7 High
AI Score
Confidence
High
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.975 High
EPSS
Percentile
100.0%