Microsoft released a module a couple of years ago (updated 3 weeks ago) that you can use to identify whether your hardware is vulnerable against Spectre and Meltdown threats. To try this, install the module from the PowerShell Gallery:
Install-Module -Name SpeculationControl -Scope CurrentUser
To run the test suite and see results, then type this:
PS> Get-SpeculationControlSettings
This shows the test results for your machine and may look similar to this:
For more information about the output below, please refer to https://support.microsoft.com/help/4074629
Speculation control settings for CVE-2017-5715 [branch target injection]
Hardware support for branch target injection mitigation is present: True Windows OS support for branch target injection mitigation is present: True Windows OS support for branch target injection mitigation is enabled: True
Speculation control settings for CVE-2017-5754 [rogue data cache load]
Hardware is vulnerable to rogue data cache load: False
Hardware requires kernel VA shadowing: False
Speculation control settings for CVE-2018-3639 [speculative store bypass]
Hardware is vulnerable to speculative store bypass: True Hardware support for speculative store bypass disable is present: True Windows OS support for speculative store bypass disable is present: True Windows OS support for speculative store bypass disable is enabled system-wide: False
Speculation control settings for CVE-2018-3620 [L1 terminal fault]
Hardware is vulnerable to L1 terminal fault: False
Speculation control settings for MDS [microarchitectural data sampling]
Windows OS support for MDS mitigation is present: True Hardware is vulnerable to MDS: False
Speculation control settings for SBDR [shared buffers data read]
Windows OS support for SBDR mitigation is present: True Hardware is vulnerable to SBDR: True Windows OS support for SBDR mitigation is enabled: False
Speculation control settings for FBSDP [fill buffer stale data propagator]
Windows OS support for FBSDP mitigation is present: True Hardware is vulnerable to FBSDP: True Windows OS support for FBSDP mitigation is enabled: False
Speculation control settings for PSDP [primary stale data propagator]
Windows OS support for PSDP mitigation is present: True Hardware is vulnerable to PSDP: True Windows OS support for PSDP mitigation is enabled: False
Suggested actions
* Follow the guidance for enabling Windows Client support for speculation control mitigations described in https://support.microsoft.com/help/4073119
BTIHardwarePresent : True BTIWindowsSupportPresent : True BTIWindowsSupportEnabled : True BTIDisabledBySystemPolicy : False BTIDisabledByNoHardwareSupport : False BTIKernelRetpolineEnabled : False BTIKernelImportOptimizationEnabled : True RdclHardwareProtectedReported : True RdclHardwareProtected : True KVAShadowRequired : False KVAShadowWindowsSupportPresent : True KVAShadowWindowsSupportEnabled : False KVAShadowPcidEnabled : False SSBDWindowsSupportPresent : True SSBDHardwareVulnerable : True SSBDHardwarePresent : True SSBDWindowsSupportEnabledSystemWide : False L1TFHardwareVulnerable : False L1TFWindowsSupportPresent : True L1TFWindowsSupportEnabled : False L1TFInvalidPteBit : 0 L1DFlushSupported : True HvL1tfStatusAvailable : True HvL1tfProcessorNotAffected : True MDSWindowsSupportPresent : True MDSHardwareVulnerable : False MDSWindowsSupportEnabled : False FBClearWindowsSupportPresent : True SBDRSSDPHardwareVulnerable : True FBSDPHardwareVulnerable : True PSDPHardwareVulnerable : True FBClearWindowsSupportEnabled : False
PS>
