Processor-level vulnerabilities, namely Meltdown and Spectre, have exposed millions of devices to hackers who can exploit sketchy kernel security to read and hijack system processes and other user programs.
While chipmakers like Intel and AMD and software giants like Google have come out to defend their stand, assuring users that the intended patches won’t affect performance significantly, Microsoft has decided to disclose the potential repercussions of the fix.
Microsoft has detailed the impact of firmware updates to patch Spectre and Meltdown issues. The company says that PCs with latest chipsets, running on Windows 10, will not experience a noticeable performance lag. On the other hand, machines on Windows 8 and Windows 7 – especially the ones using Haswell processors (mostly Intel Core 4th Gen) and lower – will observe a major difference while Windows Servers will be gravely hit. So, it’s a reason to worry if you own a PC or laptop which is older than three years.
Microsoft, in a blog post, explained that PCs with Skylake, Kaby Lake, and more advanced processors have only exhibited “single-digit slowdowns” in terms of benchmark scores and the users are unlikely to notice any difference “because these percentages are reflected in milliseconds.” With systems running Windows 10 on Haswell processors, the performance slowdown will be more than observable for only “some users“, but is not likely to hinder usual tasks.
Meanwhile, “most users” running earlier versions of Windows on Haswell or older processors will be plagued by a significant performance shrinkage. This is because the operating systems like Windows 7 and 8 run many kernel-dependent tasks like font rendering.
Windows Server clients, especially the ones who have “I/O intensive” processes, will suffer from a major contraction. The company has, thus, advised such users to evaluate the need for the patch to “balance the security versus performance“ in their ecosystems. For systems which are not vulnerable to intrusions via browsers and have tight security protocols in place, server admins can choose to not opt for the update, Microsoft insists. But that puts them at the risk of not being able to install updates in future as well.
While Windows updates will look after Spectre Variant 2, Microsoft has also strengthened the security of Edge and Internet Exproler 11 to mitigate the risks of Spectre Variant 1 and Meltdown. This fix involves isolating database tables of kernel and user processes. 41 out of 45 officially supported Windows editions have already received a firmware update whereas the remaining four are expected to be patched soon.
Microsoft’s attempt to be transparent with its users is likely to be an attempt of trying to dodge any blame for slowing down PCs, just like Apple recently did over the issue of intentionally slowing down older iPhones. This step also leaves room for other companies like Google and Apple to issue similar guidance to Android and Mac users, who could also face slowdowns following respective patches.