Meltdown and Spectre vulnerabilities — PowerShell Script

Microsoft has released a PowerShell module that lets the average user check if the chip vulnerabilities are enabled on your system or not. Microsoft has already known about this issue since June 2017, but has only started to release the update for Windows OS. To make sure that you pass the checks, you will need to have an updated Windows OS with the January 2018 Security updates, and the BIOS/Firmware update for your PC.

I thought it would be best to provide the average computer user a quick way to test the system and therefore I have created this simple script. This script first turns Admin mode on, but that might require you to confirm the User Account Control (UAC) window. Then it will make sure ExecutionPolicy is set to RemoteSigned. After this, the script will check to see if PSRepository called PSGallery is trusted. Once all of that is done the script will run SpeculationControlSettings and give you an output like this.

You can find the script explained below or download it from my GitHub page.

The image above is full of read and False checks, but take a good look at the suggested actions. Installing/updating BIOS/Firmware and the January 2018 Security Update will fix the False readings to true. I am unable to install the BIOS without Company Admin password, but I have installed the January 2018 Security Update. You can see that image below.

 


### Checks if Administration mode is on ###
Function Test_Admin {
$currentUser = New-Object Security.Principal.WindowsPrincipal $([Security.Principal.WindowsIdentity]::GetCurrent())
$currentUser.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
}
if ((Test_Admin) -eq $false) {
if ($elevated)
{
# tried to elevate, did not work, aborting
}
else {
Start-Process powershell.exe -Verb RunAs -ArgumentList ('-noprofile -noexit -file "{0}" -elevated' -f ($myinvocation.MyCommand.Definition))
}

exit
}

### Runs Meltdown_Spectre Script ###
Function Meltdown_Spectre {
Set-ExecutionPolicy RemoteSigned -Scope Currentuser
Set-PSRepository -Name PSGallery -InstallationPolicy Trusted
Get-ExecutionPolicy
Install-Module -Name SpeculationControl
Import-Module SpeculationControl
Get-SpeculationControlSettings
}

Function Run {
Test_Admin
Meltdown_Spectre
}

Run

Advertisements

PowerShell: Connecting to Azure!

Here comes the Azure PowerShell module!
To automate the provisioning and management of Window Azure, you’ll need the Azure PowerShell module. The Azure team makes this module available as a free download, and this module provides approximately 180 Windows PowerShell cmdlets for automating Azure storage, virtual machines, virtual networks, and other cloud services.

To get started, you’ll need the following prerequisite items:

An Azure subscription – If you don’t currently have a paid subscription, you can sign-up for a FREE trial subscription on the Azure account site.
Azure PowerShell module – Download and install the Azure PowerShell module on a PC running Windows PowerShell 2.0 or Windows PowerShell 3.0.
After you satisfy these prerequisites, you’ll be prepared to follow along with the rest of this post.

Connect PowerShell to your Azure subscription.
After downloading and installing the Azure PowerShell module, you need to perform the following initial steps from Windows PowerShell to configure connection information for your Azure subscription. After you perform these steps the first time, the configuration is saved locally, and you do not need to perform these steps again.

1. Set the Windows PowerShell script execution policy to RemoteSigned:

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned

2. Import the Azure PowerShell module:

Import-Module Azure

After you complete the steps in this section, Windows PowerShell is configured to connect to your Azure subscription. To test this connection, enter the following cmdlet to connect to Azure and enumerate your subscription information:

Get-AzureSubscription

#Install AzureRM Module
Install-Module AzureRM
http://aka.ms/webpi-azps

# To log in to Azure Resource Manager
$cred = Get-Credential -Credential Domain\User
Login-AzureRmAccount -Credential $cred

# To view all subscriptions for your account
Get-AzureRmSubscription | Select-AzureRmSubscription

# To select a default subscription for your current session.
$subscription = "NAME OF YOUR SUBSCRIPTION GOES HERE"
Get-AzureRmSubscription -SubscriptionName $subscription | Select-AzureRmSubscription