Test ID:	1.3.6.1.4.1.25623.1.0.812678
Category:	Windows : Microsoft Bulletins
Title:	Spectre Variant 2 (CVE 2017-5715) Branch Target Injection Update Disable (KB4078130)
Summary:	This host is missing a critical update; according to Microsoft KB4078130
Description:	Summary: This host is missing a critical update according to Microsoft KB4078130 Vulnerability Insight: Intel has reported issues with recently released microcode meant to address Spectre variant 2 (CVE 2017-5715 Branch Target Injection) specifically Intel noted that this microcode can cause 'higher than expected reboots and other unpredictable system behavior'. On January 22, 2018 Intel recommended that customers stop deploying the current microcode version on impacted processors while they perform additional testing on the updated solution. While Intel tests, updates and deploys new microcode, Microsoft is providing update KB4078130 that specifically disables only the mitigation against CVE-2017-5715 'Branch target injection vulnerability'. This update has been found to prevent the behavior described. Vulnerability Impact: Installing and enabling update for Spectre Variant 2 may result in 'data loss or corruption'. Also system instability can in some circumstances cause data loss or corruption. Affected Software/OS: - Microsoft Windows Server 2016 - Microsoft Windows Server 2012 R2 - Microsoft Windows 8.1 for 32-bit/x64 - Microsoft Windows 10 - Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1 - Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 - Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Copyright	Copyright (C) 2018 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.