We have updated the Speculation Execution Side-Channel Vulnerabilities Configuration Baseline. The updated baseline now includes support for verifying the protections for CVE-2018-3639 (Speculative store bypass) in addition to the previously supported CVE-2017-5715 and CVE-2017-5754.
This configuration baseline is used to confirm whether a system has enabled the protections needed for the speculative-execution side-channel vulnerabilities as described in Microsoft Security Advisory ADV180002 and Microsoft Security Advisory ADV 18012. It is based on the functionality in the PowerShell module Get_SpeculationControlSettings. It requires at least PowerShell 3.0.