IT Process Automation: Meltdown and Spectre Mitigation – Query Windows Protections

This Goverlan Automation dispatches the execution of the Microsoft Speculation Control script on all your machines and returns a nicely formatted report showing their enabled Windows protections state.

Posted on January 19, 2018 by -

Since the disclosure of Meltdown and Spectre, companies like Microsoft, Apple, Intel and AMD are racing to release patches to close the security holes. However, the proposed actions are far from smooth or practical, especially for large enterprise with thousands of workstations and servers.

This Goverlan Automation dispatches the execution of the Microsoft Speculation Control script on all your machines. The result is a nicely formatted report showing the enabled Windows protections state of your Windows machines.

Since Goverlan Process Automation uses a real-time push technology, it allows a quick and realistic monitoring of the mitigation progress.

Using the Goverlan Speculation Control Automation

NOTE: This automation requires Goverlan v9.01.21 or later. If you do not have Goverlan Reach yet, get it here.

Step 1 – Import the Automation

Download and drag/drop the .GSA file in the Goverlan Process Automation main view (or click Open if you are accessing this site from the Goverlan Console Welcome Page).

Step 2 – Import the Script

This automation depends on the Goverlan PowerShell script: GovSpeculationControl.ps1 which can be downloaded here. This script deals with properly acquiring the latest version of the Microsoft script, running it and rendering the output data in a format that Goverlan can understand.

Once you have downloaded the GovSpeculationControl.ps1 script, you need to place it where the Goverlan automation expects it, that is in the following directory:

%ProgramData%\GoverlanScripts\GovSpeculationControl.ps1

Step 3 – Configure the Scope

Configure the scope of machines that you want to process in each scan. To do so, open the automation properties, select the Scope section and add the target systems there:

Step 4 – Run the Automation and View the Report

You are now ready to run this automation on an ad-hoc basis, or schedule its execution. Simply select the automation and click on the Run button.

The execution time may vary but can be expected to be very short. Hundreds of endpoints can be processed in a matter of minutes. Upon completion, a report of the enabled Meltdown and Spectre Windows Protections for all endpoints is displayed in an Excel Spreadsheet:

For further information about this Goverlan Process Automation, view our blog article.