Mitigating CVE-2017-5715, CVE 2017-5754 and CVE-2018-3620 using SanerNow



    Microsoft has additional recommendations for effectively patching the following vulnerabilities,




    Mitigation of these vulnerabilities require creation of certain Windows Registry entries. This article describes the steps to create these registry settings. 

    Affected OS: All Microsoft Windows

    Solution : 

    1. Install the patches recommended in the Microsoft advisory, ADV180002

    2. Create the following registry entries,

     Registry Changes,

    reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 0 /f

    reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f

    3. Reboot the system so that the changes take effect. 


    Mitigation using SanerNow,

    1. Download the L1TF_variant.exe which is attached.

    2. Login to

    3. Switch to the account/site specific view

    4. Use the EM tool to create an Action

    5. Select 'software Deployment' feature

    6. Select 'Install' in the 'command' and select 'Install method' as 'Using Installation file'

    7. Upload the file L1TF_variant.exe

    8. Provide 'Command line arguments*' as /S for silent mode installation

    9. Select the Group where you want to apply this change and click 'Create Response'


    Systems need to be rebooted to effect this change. Reboot job can also be created using EM -> Actions -> System option. 

    On the next scheduled scan, vulnerabilities will not be reported. 

    How to mitigate the above CVE's using Saner Personal

    1. Download the L1TF_variant.exe which is attached.

    2. Open the cmd.exe as 'Administrator'

    3. Go the path where exe is downloaded

    5. run with /S option as

    L1TF_variant.exe /S

    6. scan the device 

    This should resolve the issue and as part of the next scheduled scan, Saner will not report these vulnerabilities.




    Was this article helpful?
    0 out of 0 found this helpful