I started working on this as soon as there was a reasonably easy way to detect vulnerable machines on Windows.
- A script that you run against agents, which sets EDFs and highlights numerous things (BIOS/Firmware update, notes, whether certain mitigations are enabled and whether you are secure)
- A Dataview that you can import to have a good overview of all clients
- A Report that you can run to have something formatted to send to clients asking what action you have taken on this
- The underlying PowerShell I am using to populate the EDFs
A big thank you to Darren White for providing the Dataview.
If anyone wants to offer collective input, I will accept pull requests on the GitHub repos.
Enjoy! The EDFs that get imported in “Meltdown and Spectre Detection” are shown below.