SAN FRANCISCO — Patches issued by Microsoft to safeguard against the Spectre and Meltdown vulnerabilities uncovered by researchers have a noticeable impact on PC performance in systems with older Intel processors, Microsoft said Tuesday (Jan. 9).
Patches issued to mitigate Meltdown and one variant of Spectre have minimal performance impact, Microsoft said in a posting on its website. However, mitigations for Spectre variant 2 to carry a performance impact that will be noticeable on systems from 2015 or earlier running Windows 10, Windows 8 or Windows 7, the company said.
PCs with running Windows 10 with newer Intel processors — Skylake, Kabylake or newer — will experience performance decreases so slight — measured in microseconds — that most users are unlikely to notice, Microsoft said.
Intel has largely sought to downplay the performance impact of the fixes since the newly discovered vulnerabilities were disclosed by researchers last week. While some have reported that the fixes may hurt by performance by as much as 30 percent on systems with older Intel chips, Intel has stressed that the impact is highly workload dependent.
During his keynote address at the Consumer Electronics Show in Las Vegas Monday, Intel President and CEO Brian Krzanich said Intel expects to issue updates for 90 percent of its products released in the last five years within the next week, with the remainder due to be issued before the end of January.
"We believe the performance impact of these updates is highly workload dependent," Krzanich said. "As a result, we expect some workloads may have a larger impact than others, so we will continue working with the industry to minimize the impact on those workloads over time."
Intel President and CEO Brian Krzanich delivers the keynote address at the Consumer Electronics Show Monday.
Microsoft said it has made available mitigation patches for 41 of the 45 versions of Windows that it sells. A blog posting on Microsoft's website by Terry Myerson, executive vice president of the Windows and Devices group, said the company expects the remaining patches to be issued soon.
While Intel processors are seen as most directly at risk from the vulnerabilities, ARM-based processors and processors from AMD are also impacted.
The vulnerabilities, discovered by researchers from Google Project Zero and others, point to how hackers could use software analysis techniques to exploit speculative execution in modern processors to perform side-channel attacks. There have been no known attacks exploiting these vulnerabilities.
— Dylan McGrath is the editor-in-chief of EE Times.