Mitigating CVEs on Microsoft Systems: A Registry-Based Approach

Modified on Sun, 16 Mar at 1:04 PM

Overview 

In some cases, Microsoft assets may be vulnerable to specific CVEs without an available patch. This knowledge base article outlines a reliable mitigation method using a PowerShell script to modify registry settings, effectively addressing these vulnerabilities. 

 
Affected CVEs 

The following CVEs have been identified as affecting Microsoft assets: 

  • CVE-2017-5715 
  • CVE-2017-5754 
  • CVE-2018-3639 
  • CVE-2018-12126 
  • CVE-2018-12130 
  • CVE-2018-12127 
  • CVE-2019-11091 
  • CVE-2019-11135 
  • CVE-2022-21123 
  • CVE-2022-21125 
  • CVE-2022-21127 
  • CVE-2022-21166 
  • CVE-2022-0001 

 
Solution: 
To mitigate these vulnerabilities, the SanerNow team has shared an executable (.EXE) designed to implement the necessary security measures. 

 
Deployment Process 

  1. Pre-Deployment Considerations: 
  • Ensure all relevant and available KB updates are installed on the affected device before deploying the exe. 
  • Back up the system registry to prevent unintended changes. 

  
  2. Executing the Mitigation Script: 

  • The provided exe, when executed, creates specific registry entries to mitigate the listed vulnerabilities. 
  • These registry modifications are made under the following path: 

Registry Path: 
HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management 

Values Created: 

  • FeatureSettingsOverride = 8388608 
  • FeatureSettingsOverrideMask = 3 
     

 

 

  3. Deployment Method: 

  • The exe can be deployed using endpoint management (EM) software for seamless execution across multiple devices. 
  • Once deployment is completed successfully, verify the applied registry settings. 

  4. Verification: 

  • Perform a post-deployment system scan to confirm that the vulnerabilities are mitigated. 
  • If the vulnerabilities still appear, revalidate the applied registry settings and ensure no system conflicts are preventing the changes. 
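
One way to revalidate the registry settings listed under Values Created, as an added PowerShell example (not the SanerNow executable or vendor code). The helper name Test-MitigationValue and the exit-code convention are assumptions made for this example; the script only reads the registry.

```powershell
# Added example: read-only check of the two values listed in this article.
$Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management'
$Expected = [ordered]@{
    FeatureSettingsOverride     = 8388608   # 0x00800000
    FeatureSettingsOverrideMask = 3
}

# Hypothetical helper name; returns one status object per registry value.
function Test-MitigationValue {
    param([string]$Path, [string]$Name, [long]$ExpectedValue)

    $result = [pscustomobject]@{
        Name = $Name; Expected = $ExpectedValue; Actual = $null; Kind = $null; Status = 'Missing'
    }
    $key = Get-Item -LiteralPath $Path -ErrorAction SilentlyContinue
    if ($null -eq $key -or $Name -notin $key.GetValueNames()) { return $result }

    $result.Actual = $key.GetValue($Name)
    $result.Kind   = $key.GetValueKind($Name)

    # A value of the right name but the wrong type (e.g. REG_SZ) is reported separately.
    if ($result.Kind -ne [Microsoft.Win32.RegistryValueKind]::DWord) {
        $result.Status = 'WrongType'
    } elseif ([long]$result.Actual -eq $ExpectedValue) {
        $result.Status = 'OK'
    } else {
        $result.Status = 'Mismatch'
    }
    return $result
}

$report = foreach ($name in $Expected.Keys) {
    Test-MitigationValue -Path $Path -Name $name -ExpectedValue $Expected[$name]
}
$report | Format-Table -AutoSize

# Non-zero exit code lets an endpoint management job flag the device (assumed convention).
if (@($report | Where-Object { $_.Status -ne 'OK' }).Count -gt 0) { exit 1 }
```

A result of OK confirms the stored configuration only; Microsoft's guidance for these values calls for a restart before they take effect.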

 

Additional Notes 

  • The exe modifies system memory management settings to enhance security and mitigate risks associated with the listed CVEs. 
  • While this solution addresses the vulnerabilities, it is recommended to monitor Microsoft’s security advisories for any official patches that may become available in the future. 

 
 
Conclusion 

This article provides a practical solution for mitigating vulnerabilities when no official patch is available. By deploying the provided exe and verifying the registry changes, organizations can secure their Microsoft assets against the listed CVEs.
