4073119 and protect against speculative execution side-channel vulnerabilities RRS feed

  • Question

  • Hello all.

    Very first posting here.  I've last night installed the latest cumulative updates and used the Get-SpeculationControlSettings function in PowerShell to view the summary of vulnerabilities.

    Despite making the suggested registry key additions that are outlined in

    "Windows client guidance for IT Pros to protect against speculative execution side-channel vulnerabilities",

    I still get the following result,

    Windows OS support for MDS mitigation is enabled: False

    The same is true for  CVE-2018-3639, eg, 

    Windows OS support for speculative store bypass disable is enabled system-wide: False

    So, two questions:  1. How many others are also in this position; and 2. what further steps are required
    to enable these patches?  

    I have screenshots of the various registry keys, and of the PowerShell results cited above.

    With thanks in advance.
    Thursday, May 16, 2019 9:29 AM