Microsoft releases workaround for CVE-2022-0001 Specter Security Vulnerability



 MSRC Blog:

Released: Apr 9, 2024
Last updated: Apr 11, 2024

Assigning CNA:
Intel Corporation
CVE-2022-0001

Impact: Information Disclosure Max Severity: Important
Weakness: CWE-1303: Non-Transparent Sharing of Microarchitectural Resources
CVSS Source: Intel Corporation
CVSS: 3.1 4.7 / 4.1

Executive Summary​

This CVE was assigned by Intel. Please see CVE-2022-0001 on CVE.org for more information.

Exploitability​

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Publicly disclosedExploitedExploitability assessment
NoNoExploitation Less Likely

FAQ​

Why is this Intel CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in certain processor models offered by Intel and was initially disclosed March 8, 2022. Intel published updates April 9, 2024 and this CVE is being documented in the Security Update Guide to inform customers of the available mitigation and its potential performance impact. The mitigation for this vulnerability is disabled by default and manual action is required for customers to be protected.

The following documentation was updated by Intel on April 9, 2024 and can be referenced for more information:
What steps are required to protect my system against the vulnerability?
We are providing the following registry information to enable the mitigations for this CVE.

Important: This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry see How to back up and restore the registry in Windows.

To enable the mitigation for CVE-2022-0001 on Windows devices and clients using Intel Processors:
  • Code:
    reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 0x00800000 /f
  • Code:
    reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 0x00000003 /f
REG file for the above:

Add: Download

Undo: Download

Customers who wish to implement the mitigation within their systems can also refer to the following for more information.
To enable the mitigation for CVE-2022-0001 on Linux devices and clients using Intel Processors:
Can I expect any performance impact after I configure the registry keys?
In some cases, installing these updates will have a performance impact. In testing Microsoft has seen some performance impact with this mitigation. Microsoft values the security of its software and services but made the decision to allow users and administrators to evaluate the performance impact and risk exposure before deciding to enable the mitigation.


 Read more:

 

Attachments

Last edited:
This one is working but the vulnerability is increase the cve to 5 and also critical for 0x00802048 value but using 8264 value create only low vulnerability and only 1 CVE for windows server 2016

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 0x00802048 /f

Any suggestion to resolve this CVE-2022-0001

I didn't understand.
I included the mitigation calculation with Hyper-V enabled.
The Microsoft example shows it with disabled.
Use the speculate control tool to check what is enabled.
 

My Computer

System One

  • OS
    Windows 11 Pro
    Computer type
    PC/Desktop
    Manufacturer/Model
    ASUS
    CPU
    Intel Core i7-13700KF
    Motherboard
    ASUS TUF GAMING B660M-PLUS D4
    Memory
    16GB DDR4-3731 / PC4-29800 DDR4 SDRAM UDIMM
    Graphics Card(s)
    NVIDIA GeForce RTX 4060 TI
    Sound Card
    RealTek ALC897
    Monitor(s) Displays
    ASUS TUF Gaming VG32V
    Screen Resolution
    2560 x 1440
    Hard Drives
    Corsair MP600 CORE XT 4TB
    PSU
    650 W
    Case
    Cooler Master Elite 300
    Cooling
    Thermalright Phantom Spirit 120 Evo
    Keyboard
    Dell Keyboard
    Mouse
    Alienware Mouse
    Internet Speed
    500 mb/s
    Browser
    Edge
    Antivirus
    Kaspersky Plus
    Other Info
    CineBench R23
    28851
I didn't understand.
I included the mitigation calculation with Hyper-V enabled.
The Microsoft example shows it with disabled.
Use the speculate control tool to check what is enabled.
im using vmware with windows server 2016

applying this create

CVE-2019-11091
CVE-2018-12126
CVE-2019-11135
CVE-2018-12127
1716349705135.png
but following the instruction from the CrowdStrike create only 1 cve

CVE-2022-0001
1716349828249.png

im still looking to resolve this CVE-2022-0001 with out creating multiple cve by resolving the issue
 

My Computer

System One

  • OS
    windows server

My Computer

System One

  • OS
    Windows 11
    Computer type
    PC/Desktop
    Manufacturer/Model
    Asus
    CPU
    Intel Core i7 13700ks
    Motherboard
    Asus B660M Plus D4
    Memory
    DDR4 32GB
    Graphics Card(s)
    Asus Dual RTX 4060 TI
    Monitor(s) Displays
    ASUS VG32V
    Screen Resolution
    2560 x 1440
Somehow I missed reading this post earlier, does this still need to be done if one is installing or in-place replace install a recent 24H2 build?
 

My Computer

System One

  • OS
    Windows XP/7/8/8.1/10/11, Linux, Android, FreeBSD Unix
    Computer type
    Laptop
    Manufacturer/Model
    Dell XPS 15 9570
    CPU
    Intel® Core™ i7-8750H 8th Gen 2.2Ghz up to 4.1Ghz
    Motherboard
    Dell XPS 15 9570
    Memory
    64GB using 2x32GB CL16 Mushkin redLine modules
    Graphics Card(s)
    Intel UHD 630 & NVIDIA GeForce GTX 1050 Ti with 4GB DDR5
    Sound Card
    Realtek ALC3266-CG
    Monitor(s) Displays
    15.6" 4K Touch UltraHD 3840x2160 made by Sharp
    Screen Resolution
    3840x2160
    Hard Drives
    Toshiba KXG60ZNV1T02 NVMe 1TB SSD
    PSU
    Dell XPS 15 9570
    Case
    Dell XPS 15 9570
    Cooling
    Stock
    Keyboard
    Stock
    Mouse
    SwitftPoint ProPoint
    Internet Speed
    Comcast/XFinity 1.44Gbps/42.5Mbps
    Browser
    Microsoft EDGE (Chromium based) & Google Chrome
    Antivirus
    Windows Defender that came with Windows

Latest Support Threads

Back
Top Bottom