Windows 11 and 10 KB5029778 to address CVE-2022-40982 vulnerability

KB5029778 is released to manage vulnerability related to CVE-2022-40982 in Windows 11 and 10.

KB5029778

In early August, according to reports, security vulnerabilities were found in certain Intel and AMD CPUs. A recent development from Microsoft, specifically mentioned in KB5029778, underscores this concern. The impact of this issue extends to all iterations of Windows 10 and Windows 11 that utilize these integrated CPUs. Microsoft offers guidance on how to address or deactivate and mitigate this vulnerability. According to Microsoft’s statement: “It’s important to note that the most recent Intel products, such as Alder Lake, Raptor Lake, and Sapphire Rapids, incorporate defense-in-depth mechanisms and remain unaffected by this vulnerability.”

Microsoft acknowledges the emergence of a novel transient execution attack referred to as “Gather Data Sampling” (GDS) or “Downfall.” This susceptibility has the potential to extract data from compromised CPUs, traversing security barriers such as user-kernel partitions, processes, virtual machines (VMs), and trusted execution domains. See: Fix KB5027231/KB5027223/KB5027219 Breaking Issues in Windows 11, 10.

KB5029778 to manage CVE-2022-40982 vulnerability

The mitigation detailed in this article is activated by default, but you also have the choice to deactivate it. The company strongly advises taking prompt action to address the vulnerability.

Please take note that Intel’s most recent offerings, such as Alder Lake, Raptor Lake, and Sapphire Rapids, incorporate comprehensive security measures and remain unaffected by this vulnerability.

In order to address the vulnerability linked to CVE-2023-40982, it is advised to apply the Intel Platform Update (IPU) version 23.3 microcode update. Usually, you can acquire this update from your respective original equipment manufacturer (OEM). A list of OEMs is available under System Manufacturers. There is no additional action needed to counter the vulnerability.

How to Disable the Mitigation

If you don’t perceive Gather Data Sampling (GDS) as a factor within your threat model, you could opt to deactivate the mitigation in a bare-metal setting.

Please be aware that excluding the current implementation, the deactivation of mitigation while Hyper-V (Virtualization) is enabled is not within the scope.

In order to deactivate the GDS mitigation in Windows (KB5029778), you should ensure that the following components are installed, tailored to your specific environment:

  1. For compatible Windows 10 and Windows 11 setups, it’s imperative to have installed a Windows update released on or after August 22, 2023.
  2. For applicable Windows Server environments, it’s necessary to have applied a Windows update released on or after September 12, 2023.

Once the suitable Windows update has been installed, it becomes essential to configure the subsequent feature flag within the registry:

Registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management
Value name: FeatureSettingsOverride
Value type: REG_DWORD
Value data: 0x2000000 (hex)

In case this registry value isn’t present, execute the following command to deactivate the GDS mitigation:

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 33554432 /f

The update is applicable to:

Windows 10 Education, v1607
Windows 10 Professional v1607
Windows 10 Enterprise, v1607
Windows 10 Enterprise, v1809
Windows 10 Professional Education v1607
Windows 10 Pro Education, v1607
Windows Server 2019
Windows Server 2022
Windows 10 Home and Pro, v21H2
Windows 10 Enterprise and Education, v21H2
Windows 10 IoT Enterprise, v21H2
Windows 10 Home and Pro, v22H2
Windows 10 Enterprise Multi-Session, v22H2
Windows 10 Enterprise and Education, v22H2
Windows 10 IoT Enterprise, v22H2
Windows 11 Home and Pro, v21H2
Windows 11 Enterprise Multi-Session, v21H2
Windows 11 Enterprise and Education, v21H2
Windows 11 IoT Enterprise, version 21H2
Windows 11 Home and Pro, version 22H2
Windows 11 Enterprise Multi-Session, v22H2
Windows 11 Enterprise and Education, v22H2
Windows 11 IoT Enterprise, v22H2

Source: Release note.

That’s all!!

Sharing is caring    Share Whatsapp

 
Topics:  Windows update
  
About Sunita
Love to play with Windows 11 and 10. Suggestion - Going for Registry change or system files edit then remember to take a backup or create a restore point before Starting.