Microsoft Says Windows 10 PCs Running Haswell Or Older Intel CPUs Can Expect Significant Slowdowns Post-Spectre Patch
For its part, Microsoft is addressing some of the performance ramifications for installing patches to mitigate the Meltdown and Spectre vulnerabilities. Windows Chief Terry Myerson describes three exploits (two for Spectre, one for Meltdown) that have been addressed using a combination of silicon microcode updates and changes to the Windows operating system:
- Variant 1 (Spectre): CVE-2017-5753 (Bound Check Bypass)
- Variant 2 (Spectre): CVE-2017-5715 (Branch Target Injection)
- Variant 3 (Meltdown): CVE-2017-5754 (Rogue Data Cache Load)
Now for some good news and bad news. We'll get the good news out of the way first and tell you that Variant 1 and Variant 3 will have "minimal performance impact" for users. However, bad news comes with the revelation that the mitigation protocols put in place with Variant 2 can have a profound effect on system performance, especially for users running Haswell (or older) processors on Windows 10 and Windows Server customers (regardless of what processor being used).
- Windows 10 PCs with Skylake, Kaby Lake or anything newer may see "single-digit slowdowns", but for most users the impact will be minimal.
- Windows 10 PCs with Haswell or older processors will see "more significant slowdowns" and Microsoft notes that a segment of customers may "notice a decrease in system performance”.
- Windows 7 and Windows 8 PCs powered by Haswell or older processors will see a "decrease in system performance" for "most users".
As for customers running Windows Server, "Hold on to your butts":
Windows Server on any silicon, especially in any IO-intensive application, shows a more significant performance impact when you enable the mitigations to isolate untrusted code within a Windows Server instance. This is why you want to be careful to evaluate the risk of untrusted code for each Windows Server instance, and balance the security versus performance tradeoff for your environment.
Despite the negative performance impact on customers, Myerson is making it clear that Microsoft is trying to be as transparent as possible with the entire patching process. "The security of the systems our customers depend upon and enjoy is a top priority for us," Myserson adds. "That’s why we’ve chosen to provide more context and information today and why we released updates and remediations as quickly as we could on Jan. 3. Our commitment to delivering the technology you depend upon, and in optimizing performance where we can, continues around the clock and we will continue to communicate as we learn more."
Based on our most recent PC benchmarking, we continue to expect that the performance impact should not be significant for average computer users. This means the typical home and business PC user should not see significant slowdowns in common tasks such as reading email, writing a document or accessing digital photos. Based on our tests on SYSmark 2014 SE, a leading benchmark of PC performance, 8th Generation Core platforms with solid state storage will see a performance impact of 6 percent or less. (SYSmark is a collection of benchmark tests; individual test results ranged from 2 percent to 14 percent.)
The company goes on to state, "Our goal is to provide our customers with the best possible protection against the exploits while minimizing the performance impact of the updates. We plan to share more extensive information about performance impact when we can."