KB4074629 fixes PowerShell vulnerabilities in Windows 10&11

Install these scripts if you want to be rid of this issue

Reading time icon 3 min. read


Readers help support Windows Report. When you make a purchase using links on our site, we may earn an affiliate commission. Tooltip Icon

Read the affiliate disclosure page to find out how can you help Windows Report effortlessly and without spending any money. Read more

Key notes

  • Microsoft released new PowerShell scripts through a cumulative update.
  • Various security advisories will cover the following nine vulnerabilities.
  • Check out everything you need to know about this update and what it does.
powershell

We’re always talking about exercising safety while online, and preaching caution when it comes to your own sensitive information.

On that note, know that Microsoft has completely re-labeled all the major threat actors and has made it easier to identify each and every one of them.

Also, a few days ago, the dreaded Windows 11 LSA bug was fixed with kernel-mode hardware stack protection.

And, since we’re talking about Windows 11, know that you now can diagnose network problems on Windows 11’s taskbar.

Now, another major issue has been apparently dealt with, since Microsoft posted an interesting article on its official page.

Microsoft comes with PowerShell scripts for multiple flaws

In case you didn’t know, last month Microsoft issued PowerShell scripts for automating WinRE updates to address BitLocker bypass security vulnerability.

The Redmond-based tech company has released new PowerShell scripts again, and we’re about to take a closer look at them.

This time, however, they are for multiple different speculative execution side-channel attack CPU vulnerabilities on Windows 11 and Windows 10.

To better understand, remember that one of these includes the memory mapped IO (MMIO) flaw which received newly updated patches recently on Windows 10 and Server.

The above-mentioned scripts are meant to help verify the status of mitigations of these vulnerabilities. Or, at least that’s what Microsoft claims.

According to Redmond, to help you verify the status of speculative execution side-channel mitigations, it published a PowerShell script (SpeculationControl) that can run on your devices.

Security advisories ADV180002ADV180012ADV180018, and ADV190013 cover the following nine vulnerabilities:

  • CVE-2017-5715 (branch target injection)
  • CVE-2017-5753 (bounds check bypass)
  • CVE-2017-5754 (rogue data cache load)
  • CVE-2018-3639 (speculative store bypass)
  • CVE-2018-3620 (L1 terminal fault – OS)
  • CVE-2018-11091 (Microarchitectural Data Sampling Uncacheable Memory (MDSUM))
  • CVE-2018-12126 (Microarchitectural Store Buffer Data Sampling (MSBDS))
  • CVE-2018-12127 (Microarchitectural Load Port Data Sampling (MLPDS))
  • CVE-2018-12130 (Microarchitectural Fill Buffer Data Sampling (MFBDS))
Note icon NOTE
Protection for CVE-2017-5753 (bounds check) does not require additional registry settings or firmware updates.

Advisory ADV220002 covers additional Memory-Mapped I/O (MMIO) related vulnerabilities:

  • CVE-2022-21123 – Shared Buffer Data Read (SBDR)
  • CVE-2022-21125 – Shared Buffer Data Sampling (SBDS)
  • CVE-2022-21127 – Special Register Buffer Data Sampling Update (SRBDS Update)
  • CVE-2022-21166 – Device Register Partial Write (DRPW)

You will find a lot more information and useful tricks by visiting Microsoft’s official website. There is a lot more Microsoft hasn’t shared yet, so we are still waiting on updates.

In the meantime, be sure to check out the April 2023 Patch Tuesday release. This month’s update pack consists of 97 patches that address various vulnerabilities.

You can find the direct download links for both Windows 11 and Windows 10. We’ve also prepared a list of the updates issued for Windows 7 and 8.1.

Leave a comment below and let us know if you found any other issues after installing KB4074629 on your Windows 11 PC.

More about the topics: Windows 11 Software & Apps