In addition, anyone know if there is a typo on the second registry key (heighted belew) that needs to be set, seems like the value should be 0 …..
Switch | Registry Settings To enable the fix reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 0 /f reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization" /v MinVmVersionForCpuBasedMitigations /t REG_SZ /d "1.0" /f If this is a Hyper-V host: fully shutdown all Virtual Machines. Restart the server for changes to take effect. To disable this fix reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 3 /f reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f Restart the server for the changes to take effect. (There is no need to change MinVmVersionForCpuBasedMitigations.) From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Adam Juelich Sent: Tuesday, January 9, 2018 8:07 PM To: mssms@lists.myitforum.com Subject: Re: [mssms] RE: Confused - Spectre / Meltdown EXTERNAL: This is an external email received from the Internet. Report this message to s...@aramco.com<mailto:s...@aramco.com> if the email contains any suspicious content. ________________________________ Workstation: 1. Registry Key set by A/V (or manually set based on A/V guidance) 2. Windows Update 3. BIOS/Firmware Update from vendor Server: 1. Registry Key set by A/V (or manually set based on A/V guidance) 2. Window Update 3. Push Registry Keys (2 needed, the third is for Hypver-V Hosts - I believe) * Test and monitor performance impact 1. BIOS/Firmware Update from vendor That is my understanding thus far........... Good thing we have nothing else to do ;-) On Tue, Jan 9, 2018 at 10:48 AM, Brian Illner <brian.ill...@canal-ins.com<mailto:brian.ill...@canal-ins.com>> wrote: My understanding was that those keys were just for the ServerOS? I have a Dell laptop that I completed all the tasks for and it does not have the memory management keys and yet it shows as all green in SpeculationControl? Come on MS, your information is changing hourly as each team contradicts the other BRIAN ILLNER | Canal Insurance Company 864.250.9227<tel:(864)%20250-9227> 864.679.2537<tel:(864)%20679-2537> Fax [cid:image001.jpg@01D3898D.2B997E30] Visit canalinsurance.com<http://canalinsurance.com> for news and information. [cid:image002.jpg@01D3898D.2B997E30]<https://www.linkedin.com/company/canal-insurance-company> WARNING: As the information in this transmittal (including attachments, if any) may contain confidential, proprietary, or business trade secret information, it should only be reviewed by those who are the intended recipients. Unless you are an intended recipient, any review, use, disclosure, distribution or copying of this transmittal (or any attachments) is strictly prohibited. If you have received this transmittal in error, please notify me immediately by reply email and destroy all copies of the transmittal. While Canal believes this transmittal to be free of virus or other defect, it is the responsibility of the recipient to ensure that it is virus free and no responsibility is accepted by Canal (or its subsidiaries and affiliates) for any loss or damage arising therefrom. From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>] On Behalf Of Kent, Mark Sent: Tuesday, January 9, 2018 11:00 AM To: mssms@lists.myitforum.com<mailto:mssms@lists.myitforum.com> Subject: [mssms] RE: Confused - Spectre / Meltdown Yeah I see them at the bottom of https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in And they don’t really say what they are for. Keep refreshing the page, wait for an edit ☺ Mark Kent Manager, Client Systems Engineering Technology Support Services Resources for Information, Technology and Education (RITE) http://rite.buffalostate.edu<http://rite.buffalostate.edu/> From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of SCCM FUN Sent: Tuesday, January 9, 2018 10:02 AM To: mssms@lists.myITforum.com<mailto:mssms@lists.myITforum.com> Subject: [mssms] Confused - Spectre / Meltdown Can anyone confirm the following? Workstation/Servers - both need the AV key in order to do any patching going forward Workstation At one point in the MS article for workstation patching (4073119) I could of sworn there wasn't anything about having to making registry settings (except for AV) but now it looks like they added 2 registry keys. Were these 2 reg keys always in the KB/needed? reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 0 /f reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f Server 3 reg keys need to be added for the server patch to take effect. Are you enabling this on all your servers or just the 3 use cases they list in their article (4072698). reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 0 /f reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization" /v MinVmVersionForCpuBasedMitigations /t REG_SZ /d "1.0" /f Thanks ________________________________ The contents of this email, including all related responses, files and attachments transmitted with it (collectively referred to as “this Email”), are intended solely for the use of the individual/entity to whom/which they are addressed, and may contain confidential and/or legally privileged information. This Email may not be disclosed or forwarded to anyone else without authorization from the originator of this Email. If you have received this Email in error, please notify the sender immediately and delete all copies from your system. Please note that the views or opinions presented in this Email are those of the author and may not necessarily represent those of Saudi Aramco. The recipient should check this Email and any attachments for the presence of any viruses. Saudi Aramco accepts no liability for any damage caused by any virus/error transmitted by this Email.