Skip to content

Query Windows support for security features and mitigations with hardware dependencies

License

Notifications You must be signed in to change notification settings

ralish/QueryHardwareSecurity

Repository files navigation

QueryHardwareSecurity

azure devops license

A work-in-progress utility to query Windows support for security features and mitigations with hardware dependencies.

Requirements

  • Windows 7 or Server 2008 R2 (or newer)
  • Windows PowerShell 3.0 (or newer)
    Built-in since Windows 8 and Server 2012
  • Supported .NET runtimes
    • .NET Framework 4.6.2 (or newer)
      Built-in since Windows 10 1607 and Server 2016
    • .NET 6.0
    • .NET 8.0

Resources

Microsoft

CPU vendors

Miscellaneous

Glossary

General

  • DMA
    Direct Memory Access
  • MMIO
    Memory-mapped I/O
  • PTE
    Page Table Entry
  • SMM
    System Management Mode
  • TPM
    Trusted Platform Module
  • VA
    Virtual Address
  • VMM
    Virtual Machine Monitor

Firmware

  • BIOS
    Basic Input/Output System
  • MOR
    Memory Overwrite Request Control
  • PCR
    Platform Configuration Register
  • UEFI
    Unified Extensible Firmware Interface

Processor features

  • APIC
    Advanced Programmable Interrupt Controller
  • AVIC
    Advanced Virtual Interrupt Controller
  • CET
    Control-Flow Enforcement Technology
  • IBRS
    Indirect Branch Restricted Speculation
    • EIBRS
      Enhanced IBRS
  • INVPCID
    Invalidate Process-Context Identifier
  • MBE
    Mode-Based Execution Control
  • NX
    No-execute
  • PCID
    Process-Context Identifiers
  • SMEP
    Supervisor Mode Execution Protection
  • SSBD
    Speculative Store Bypass Disable
  • STIBP
    Single Thread Indirect Branch Predictor
  • TSX
    Transactional Synchronization Extensions
    • HLE
      Hardware Lock Elision
    • RTM
      Restricted Transactional Memory

Processor vulnerabilities

  • Spectre
    • BCB
      Bounds Check Bypass
    • BCBS
      Bounds Check Bypass Store
    • BTI
      Branch Target Injection
    • RDCL
      Rogue Data Cache Load
    • RSRR
      Rogue System Register Read
    • SSB
      Speculative Store Bypass
  • Foreshadow
    • L1TF
      L1 (Level 1 Data Cache) Terminal Fault
  • MDS
    Microarchitectural Data Sampling
    • L1DES
      L1D Eviction Sampling
    • MDSUM
      Microarchitectural Data Sampling Uncacheable Memory
    • MFBDS
      Microarchitectural Fill Buffer Data Sampling
    • MLPDS
      Microarchitectural Load Port Data Sampling
    • MSBDS
      Microarchitectural Store Buffer Data Sampling
    • TAA
      TSX Asynchronous Abort
    • VRS
      Vector Register Sampling
  • MMIO Stale Data
    Memory-mapped I/O Stale Data
    • DRPW
      Device Register Partial Write
    • SBDR
      Shared Buffers Data Read
    • SBDS
      Shared Buffers Data Sampling
    • SRBDS Update
      Special Register Buffer Data Sampling Update

Windows features

  • HVCI
    Hypervisor-protected code integrity
  • KMCI
    Kernel Mode Code Integrity
  • UMCI
    User Mode Code Integrity
  • VSM
    Virtual Secure Mode
  • WSMT
    Windows SMM Security Mitigations Table

License

All content is licensed under the terms of The MIT License.

About

Query Windows support for security features and mitigations with hardware dependencies

Topics

Resources

License

Stars

Watchers

Forks