Share
## https://sploitus.com/exploit?id=D5668CE0-0929-5B6F-B47E-ACF5808F5440
This is a tool for checking the state of software mitigations against Spectre and Meltdown vulnerabilities. It uses the NtQuerySystemInformation API call to report the data as seen by the Windows Kernel. The tool is currently optimized for Microsoft Windows 7-10 and uses the best-working exploit code from Eugnis and processor feature detection code from Alex Ionescu.

The tool checks for the following:

Variant 1: Bounds check bypass (CVE-2017-5753)
Variant 2: Branch target injection (CVE-2017-5715)
Variant 3: Rogue data cache load (CVE-2017-5754)

The tool reports the status of the mitigations as follows:

If the system is patched, the tool will report the status of the mitigations.
If the system is not patched, the tool will fail the call.

The tool can be used to determine potential performance pitfalls and to verify the effectiveness of the mitigations.

Preconditions:

The tool requires Windows 7 SP1 or higher.
The tool requires the NtQuerySystemInformation API call to be enabled.

Expected impact:

The tool will report the status of the mitigations, which can be used to determine potential performance pitfalls.
The tool will fail the