ConfigMgr Speculation Control Baseline FTW!
Update 1/8/2018 – The ConfigMgr product group has released official communications and recommendations on dealing with this vulnerability. Our official guidance from the ConfigMgr product group has been posted here: https://blogs.technet.microsoft.com/configurationmgr/2018/01/08/additional-guidance-to-mitigate-speculative-execution-side-channel-vulnerabilities/.
To download the ConfigMgr baseline and CIs to detect compliancy of machines, visit https://gallery.technet.microsoft.com/Speculation-Execution-Side-1483f621
Additional articles regarding the Speculation Control vulnerability
Security Advisory 180002 - Vulnerability in CPU Microcode Could Allow Information Disclosure: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002
KB 4073229 - Protect your device against the recent chip-related security vulnerability: https://support.microsoft.com/help/4073229
KB 4073119 - Windows Client Guidance for IT Pros to protect against the speculative execution side-channel vulnerabilities: https://support.microsoft.com/help/4073119
KB 4072698 - Windows Server Guidance to protect against the speculative execution side-channel vulnerabilities: https://support.microsoft.com/help/4072698
KB 4072699 - Important Information regarding the Windows Security Updates Released January 2018 (A/V): https://support.microsoft.com/help/4072699
KB 4073235 - Microsoft Cloud Protections Against Speculative Execution Side-Channel Vulnerabilities: https://support.microsoft.com/help/4073235
KB 4073065 - Surface Guidance for Customers and Partners "Protect your devices against the recent chip-related security vulnerability": https://support.microsoft.com/help/4073065
KB 4073225 - Guide to protect SQL Server against speculative execution side-channel vulnerabilities
https://support.microsoft.com/en-gb/help/4073225/guidance-for-sql-server
Windows Client Updates
Product Name |
KB number |
Download Link |
Windows 10 for 32-bit Systems |
||
Windows 10 for x64-based Systems |
||
Windows 10 Version 1511 for 32-bit Systems |
||
Windows 10 Version 1511 for x64-based Systems |
||
Windows 10 Version 1607 for 32-bit Systems |
||
Windows 10 Version 1607 for x64-based Systems |
||
Windows 10 Version 1703 for 32-bit Systems |
||
Windows 10 Version 1703 for x64-based Systems |
||
Windows 10 Version 1709 for 32-bit Systems |
||
Windows 7 for 32-bit Systems Service Pack 1 |
||
Windows 7 for x64-based Systems Service Pack 1 |
||
Windows 8.1 for 32-bit systems |
||
Windows 8.1 for x64-based systems |
Windows Server Updates
Product Name |
KB number |
Download Link |
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 |
||
Windows Server 2008 R2 for x64-based Systems Service Pack 1 |
||
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) |
||
Windows Server 2012 |
||
Windows Server 2012 (Server Core installation) |
||
Windows Server 2012 R2 |
||
Windows Server 2012 R2 (Server Core installation) |
||
Windows Server 2016 |
||
Windows Server 2016 (Server Core installation) |
||
Windows Server, version 1709 (Server Core Installation) |
Microsoft SQL
Product Name |
KB number |
Download Link |
Microsoft SQL Server 2016 for x64-based Systems Service Pack 1 (CU) |
||
Microsoft SQL Server 2017 for x64-based Systems |
||
Microsoft SQL Server 2017 for x64-based Systems (CU) |