diff --git a/cmake/CMakeLists.txt b/cmake/CMakeLists.txt
index 4fa0df540e..e87ac4f9d0 100644
--- a/cmake/CMakeLists.txt
+++ b/cmake/CMakeLists.txt
@@ -150,6 +150,11 @@ if (MSVC)
     SET (CMAKE_CXX_FLAGS_RELEASE "${CMAKE_CXX_FLAGS_RELEASE} /GL")
     SET (CMAKE_CXX_FLAGS_RELWITHDEBINFO "${CMAKE_CXX_FLAGS_RELWITHDEBINFO} /GL")
   endif()
+  if (onnxruntime_ENABLE_QSPECTRE)
+    SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /Qspectre /guard:cf /Zi")
+    SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} /Qspectre /guard:cf /Zi")
+    SET(CMAKE_EXE_LINKER_FLAGS  "/guard:cf /DYNAMICBASE")
+  endif()
 else()
   if(onnxruntime_BUILD_FOR_NATIVE_MACHINE)
     string(APPEND CMAKE_CXX_FLAGS_RELEASE " -march=native -mtune=native")
diff --git a/tools/ci_build/build.py b/tools/ci_build/build.py
index e791ff081f..b7e3bd0492 100755
--- a/tools/ci_build/build.py
+++ b/tools/ci_build/build.py
@@ -133,6 +133,7 @@ Use the individual flags to only run the specified stages.
     parser.add_argument("--use_nuphar", action='store_true', help="Build with nuphar")
     parser.add_argument("--use_tensorrt", action='store_true', help="Build with TensorRT")
     parser.add_argument("--tensorrt_home", help="Path to TensorRT installation dir")
+    parser.add_argument("--enable_qspectre", action='store_true', help="Enable compiler option to compile with /Qspectre and /GUARD:CF")
     parser.add_argument("--use_full_protobuf", action='store_true', help="Use the full protobuf library")
     parser.add_argument("--disable_contrib_ops", action='store_true', help="Disable contrib ops (reduces binary size)")
     return parser.parse_args()
@@ -320,6 +321,7 @@ def generate_build_tree(cmake_path, source_dir, build_dir, cuda_home, cudnn_home
                   # By default - we currently support only cross compiling for ARM/ARM64 (no native compilation supported through this script)
                  "-Donnxruntime_CROSS_COMPILING=" + ("ON" if args.arm64 or args.arm else "OFF"),
                  "-Donnxruntime_BUILD_x86=" + ("ON" if args.x86 else "OFF"),
+                 "-Donnxruntime_ENABLE_QSPECTRE=" + ("ON" if args.build_shared_lib and args.enable_qspectre else "OFF"),
                  "-Donnxruntime_USE_FULL_PROTOBUF=" + ("ON" if args.use_full_protobuf else "OFF"),
                  "-Donnxruntime_DISABLE_CONTRIB_OPS=" + ("ON" if args.disable_contrib_ops else "OFF"),
                  ]