none
SCOM MP for Meltdown / Spectre Status ? RRS feed

  • Question

  • Hello,

    Is there a way to get the Status / Alarm for  Meltdown/Spectre in SCOM ?

    Is someone @Microsoft to develop something for this ?

    Regards

    Claus

    Thursday, January 11, 2018 2:53 PM

Answers

  • You could roll your own and use the get the Get-SpeculationControlSettings powershell script from MS and use that as the basis of the MP logic to look for systems that has the vulnerabilities active. 
    • Marked as answer by cpleclercq Monday, January 15, 2018 2:32 PM
    Thursday, January 11, 2018 5:44 PM

All replies

  • Hi Claus,

    no there isn't for sure.

    I am pretty sure also that nobody at Microsoft will develop such MP, simply because they cover MS related apps and services. This is Intel and I expect soon that they will release some kind of workaround or a solution for this. 

    Hope I could help. Regards,


    Stoyan (Please take a moment to "Vote as Helpful" and/or "Mark as Answer" where applicable. This helps the community, keeps the forums tidy, and recognizes useful contributions. Thanks!) Blog: https://blog.pohn.ch/ Twitter: @StoyanChalakov

    Thursday, January 11, 2018 3:18 PM
    Moderator
  • What would you like an alert for, precisely?

    Patchs/KB not installed? That is more something that should be handled with your patch deployment system (sccm...), but that could be done fairly easily with scom too.

    Virus exploiting one of them? That would be something to handle with your antivirus.

    What else?


    • Edited by CyrAz Thursday, January 11, 2018 5:01 PM
    Thursday, January 11, 2018 5:01 PM
  • You could roll your own and use the get the Get-SpeculationControlSettings powershell script from MS and use that as the basis of the MP logic to look for systems that has the vulnerabilities active. 
    • Marked as answer by cpleclercq Monday, January 15, 2018 2:32 PM
    Thursday, January 11, 2018 5:44 PM