Microsoft said Tuesday that PCs running older versions of Windows, or even just older Intel silicon, will see a noticeable impact in performance from the Meltdown and Spectre patches. Intel released its own performance information, though it showed just a slight impact for its 8th-generation Core chips.
Microsoft’s blog post reflects where the industry is in terms of dealing with the three side-channel vulnerabilities within Spectre and Meltdown. Only the second, the “branch target injection” vulnerability, shows any performance impact, Microsoft said. But as patches roll out, customers have begun to worry what the performance impacts might be, too.
What this means to you: Unfortunately, older PCs look like they’re going to be hit the hardest, based on the way Windows was coded at the time. But even if you’re tempted not to patch, please do! Your data needs to be protected.
Meltdown/Spectre: Patches continue to roll out
In a blog post, Microsoft’s OS chief, Terry Myerson, explained that patches for 41 of the 45 editions of Windows that Microsoft distributes now have patches available. Microsoft and other vendors recommend that those patches be swiftly applied; Windows Update’s January rollup patch applies those patches to Windows systems. Users also need to ensure that their antivirus software is up to date.
For individual PCs, Microsoft recommends that users visit its Meltdown/Spectre support page, which includes links to microcode patches from hardware manufacturers. (Unfortunately, those links are buried within the “Where can I find hardware/firmware updates for my device?” section within the FAQ at the bottom of the page.)
Surface devices will also be patched, Microsoft said, beginning today.
Performance impacts from both Intel and Microsoft
For now, Myerson said, the first variant of the Spectre vulnerability can be patched without any significant performance impacts, and that “mitigations” for Meltdown can also be applied without significant slowdowns to the system. But third-party benchmarks that have tested the patch impacts have generally done so without patches to both the silicon microcode as well as the operating system, he wrote. Microsoft’s latest tests reflect both.
Microsoft’s summary is as follows:
- With Windows 10 on newer silicon (2016-era PCs with Skylake, Kaby Lake or newer CPUs), benchmarks show single-digit slowdowns. Microsoft doesn’t expect most users to notice a change because the percentages will be reflected in milliseconds.
- With Windows 10 on older silicon (2015-era PCs, with Haswell or older CPUs), some benchmarks show more significant slowdowns, Microsoft says, and the company expects that some users will notice a decrease in system performance.
- With Windows 8 and Windows 7 on older silicon (2015-era PCs with Haswell or older CPUs), Microsoft expects most users to notice a decrease in system performance.
Windows Server machines will actually show an even more significant performance impact when the mitigations are enabled and untrusted code is run within a Windows Server instance, the company said.
Microsoft didn’t release specific benchmark results, or reveal how it generated those numbers. Additional benchmarks will be published in the weeks ahead, Microsoft said.
The performance impacts are felt more significantly in older operating systems because Windows requires more user-kernel transitions to accommodate legacy design decisions, such as all font rendering taking place in the kernel, Myerson wrote.
“On newer CPUs, such as on Skylake and beyond, Intel has refined the instructions used to disable branch speculation to be more specific to indirect branches, reducing the overall performance penalty of the Spectre mitigation,” Myerson added.
That left the door open for Intel to provide more context on the effects of the patches on its systems, though the chip giant provided just a few additional details.
“Based on our most recent PC benchmarking, we continue to expect that the performance impact should not be significant for average computer users,” Intel said in a statement. “This means the typical home and business PC user should not see significant slowdowns in common tasks such as reading email, writing a document or accessing digital photos.”
Based on the company’s tests with Sysmark 2014 SE, 8th-generation Core platforms with an SSD inside will see a performance impact of 6 percent or less, Intel said, with specific test results showing a range from between 2 and 14 percent. The company said it did not have a comprehensive picture of how the patches would affect server workloads.
Intel said that it has been focused on designing and distributing microcode patches, rather than benchmarking their effects, the company said.
The effects on AMD-based PCs weren’t mentioned by either Intel or Microsoft. Microsoft halted some Spectre patches on older AMD PCs because they generated system errors.
Both Intel and Microsoft said that they would continue to provide updates.