Microsoft has recently released the KB5025175 update for Win10 and Win11 systems with a built-in PowerShell script that helps users verify and mitigate devices for CPU vulnerabilities that can be used to launch speculative execution side-channel attacks.
The vulnerability is numbered CVE-2022-41099 and dates back as far as November 8, 2022. The vulnerability can be exploited by hackers to access sensitive data on a user’s device.
The official Microsoft update is as follows:
Introduction
Microsoft has developed a sample PowerShell script to help you automatically update the Windows Recovery Environment (WinRE) on deployed devices to address the security vulnerability in CVE-2022-41099.
Example PowerShell script
Example PowerShell script developed by the Microsoft product team to help automatically update WinRE images on Windows 10 and Windows 11 devices.
Run the script on the affected device using the administrator credentials in PowerShell. There are two scripts available – which one to use depends on the version of Windows being run. Please use the appropriate version for your environment.
The KB5025175 update is split into the following two PowerShell scripts
PatchWinREScript_2004plus.ps1 (recommended)
This script works with Windows 10 version 2004 and higher, including Windows 11. It is recommended to use this version of the script as it is more reliable but uses features that are only available on Windows 10 version 2004 and higher.
PatchWinREScript_General.ps1
This script is available for Windows 10 version 1909 and lower but executes on all versions of Windows 10 and Windows 11. it
