Portanto, tenho um Lenovo ThinkCentre M800, executando o Windows 10 x64, 1709. Apliquei a Atualização do BIOS mais recente, que é a versão FWKT86A, e executei o Get-SpeculationControlSettings (no módulo PS do Controle de Especulação que determina se PC ainda está em risco), e ele retorna não protegido. Eu assegurei que o PC está completamente atualizado, e ainda estou mostrando que o PC ainda está vulnerável ao Specter / Meltdown.
Alguém mais se deparou com isso? A atualização do BIOS realmente protege contra o Specter / Meltdown?
Veja os resultados de Get-SpeculationControlSettings:
Get-SpeculationControlSettings
Speculation control settings for CVE-2017-5715 [branch target injection]
For more information about the output below, please refer to https://support.microsoft.com/en-in/help/4074629
Hardware support for branch target injection mitigation is present: False ||
Windows OS support for branch target injection mitigation is present: False||
Windows OS support for branch target injection mitigation is enabled: False
Speculation control settings for CVE-2017-5754 [rogue data cache load]
Hardware requires kernel VA shadowing: True
Windows OS support for kernel VA shadow is present: False
Windows OS support for kernel VA shadow is enabled: False
Suggested actions
* Install BIOS/firmware update provided by your device OEM that enables hardware support for the branch target injection mitigation.
* Install the latest available updates for Windows with support for speculation control mitigations.
* Follow the guidance for enabling Windows Client support for speculation control mitigations described in https://support.microsoft.com/help/4073119
BTIHardwarePresent : False
BTIWindowsSupportPresent : False
BTIWindowsSupportEnabled : False
BTIDisabledBySystemPolicy : False
BTIDisabledByNoHardwareSupport : False
KVAShadowRequired : True
KVAShadowWindowsSupportPresent : False
KVAShadowWindowsSupportEnabled : False
KVAShadowPcidEnabled : False