January 10, 2018 // 9:35 a.m.
Microsoft has shed additional light on the performance impact of its Meltdown and Spectre patches, designed to work around serious security vulnerabilities in most modern microprocessors, and it's not good news for anyone not on the very latest chips.
Since being announced ahead of schedule last week, the industry has been racing to patch major security issues with modern processors stemming from the use of speculative execution - a performance-boosting technique whereby the processor fetches data ahead of it being requested and which, researchers discovered, can be abused by unprivileged processes to gain access to passwords and other supposedly secret information located in otherwise protected memory locations. Requiring a major shift in how memory access takes place, that there would be some performance impact was unquestionable - but companies have been arguing about exactly how much users can expect to see. Intel, at the time of the announcement, claimed that most users would see little to no impact, while Epic Games has blamed the patches for major performance impacts on its Fortnite gaming servers.
Having released a bevy of patches to its users - though it has since temporarily withdrawn the patches for AMD platforms following reports of boot failures post-installation - Microsoft is now offering some insight into exactly what kind of performance impact users can expect, and for those on Intel's latest chips the news is good: 'With Windows 10 on newer silicon (2016-era PCs with Skylake, Kabylake or newer CPU), benchmarks show single-digit slowdowns,' claims Microsoft's Terry Myerson in a blog post published late yesterday, 'but we don’t expect most users to notice a change because these percentages are reflected in milliseconds.'
Sadly, the news gets progressively worse from there - and anyone who hasn't upgraded recently can expect issues. 'With Windows 10 on older silicon (2015-era PCs with Haswell or older CPU), some benchmarks show more significant slowdowns, and we expect that some users will notice a decrease in system performance,' Myerson warns. 'With Windows 8 and Windows 7 on older silicon (2015-era PCs with Haswell or older CPU), we expect most users to notice a decrease in system performance.'
For those running Windows Server environments, the news is worse still: Myerson admits that the performance impact for input-output intensive operations is so severe that users will need to 'evaluate the risk of untrusted code for each Windows Server instance, and balance the security versus performance tradeoff for your environment' - a far cry from Intel's original claims that the performance impact for mitigating the security flaws would be negligible.
'For context, on newer CPUs such as on Skylake and beyond, Intel has refined the instructions used to disable branch speculation to be more specific to indirect branches, reducing the overall performance penalty of the Spectre mitigation,' Myerson explains of the difference in impact between new and old chips and operating systems. 'Older versions of Windows have a larger performance impact because Windows 7 and Windows 8 have more user-kernel transitions because of legacy design decisions, such as all font rendering taking place in the kernel. We will publish data on benchmark performance in the weeks ahead.'