How to test MS meltdown spectre patches work

How do we verify the patches effectively mitigate?
sunhuxAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Hello ThereSystem AdministratorCommented:
There is MS script that tests if your device has all patches implemented. HERE.
1
JohnBusiness Consultant (Owner)Commented:
You can test if the patch is install per the above link.  

You cannot test that the patch performs correctly. We can only hope that Microsoft (and other) coders did their job correctly.
0
Ashok DewanFreelancerCommented:
You can download below tool to check if PC is vulnerable or not.

https://www.ashampoo.com/en/usd/pin/1304/security-software/spectre-meltdown-cpu-checker
1
Discover the Answer to Productive IT

Discover app within WatchGuard's Wi-Fi Cloud helps you optimize W-Fi user experience with the most complete set of visibility, troubleshooting, and network health features. Quickly pinpointing network problems will lead to more happy users and most importantly, productive IT.

ste5anSenior DeveloperCommented:
By running the accoring PoC's before and after installing these patches.
0
btanExec ConsultantCommented:
At best you can verify the kernel or OS fixes are in place (vendor may add more than capability to address beyond the exploit). Nonetheless, there is still Microcode for processor that will requires onsite check.
Run the powershell as also shared by the experts (and also in the advisory). It is a bit hard to read the findings, but as long as you see "true", it means that protection is available while "false" means that it is not. But do check on your AV to be patched as well
https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle=true

For microcodes, I see only INtel release for linux so far. You should also check out the browser latest update too and hardening to reduce the exposure on top of the OS. Same applies for VMware and Citrix especially when you are a VM or VDI environment

This list of advisories can be handy https://www.bleepingcomputer.com/news/security/list-of-meltdown-and-spectre-vulnerability-advisories-patches-and-updates/
1

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
sunhuxAuthor Commented:
It's our ATM machines vendor who told us that they only apply the MS patches but we have to certify the patches work on those 'highly customized Windows' that run on the ATMs.

Come to think of what John said: we have to trust that MS and the principals that release the patches have tested & certified them.  Dawned upon me that if we were to certify/test the patches work, then every single patches (for other vendors products including UNIXes, DB, network etc) had to be "re-certified" by us, simply because we don't trust the principals??
0
JohnBusiness Consultant (Owner)Commented:
You need to ask the ATM vendor how to do certification testing as that would be quite complicated
0
btanExec ConsultantCommented:
MS is for the general mass using the OS build. For the customized version, it should be from the ATM vendor and agree with John that there is a set of security testing to validate patches and version log of the release. Unlikely it is just a simple patch per se. The lab test report would have cover the test set that you should verify again and set observation period to ascertain any impact to system and services.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Vulnerabilities

From novice to tech pro — start learning today.