Microsoft Offers Instructions to Disable Downfall Mitigations on Windows

Intel
(Image credit: Intel)

Mitigations that patch the new Downfall vulnerability in Intel's previous Best CPUs have finally been released. Now, Microsoft has provided a method for turning off the Downfall mitigation for users that require speed over security.

To disable the Downfall mitigation, open an elevated command prompt and type the following: "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 33554432 /f. 

Alternatively, you can execute the same command in the Windows Registry by heading to this location: 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management, finding the value name FeatureSettingsOverride, finding the value type REG_DWORD, and inputting the hexadecimal code 0x2000000.

For this to work, you again must have the Downfall mitigation installed. Windows 10 and 11 installations must also include Windows updates released on August 22, 2023, or later. The same applies to Windows Server environments with Windows updates dated on or after September 12th, 2023. 

GDS takes advantage of an architectural vulnerability in Intel's CPUs that reveals internal hardware registers to software, allowing attackers to infer stale data from previously used vector registers. (This is similar to AMD's Zen 1 vulnerability, which utilizes exploitable CPU registers to steal sensitive data.)

Aaron Klotz
Contributing Writer

Aaron Klotz is a contributing writer for Tom’s Hardware, covering news related to computer hardware such as CPUs, and graphics cards.

  • BobDC
    The command to type to add the registry entry is not complete. I think it should be:

    reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 33554432 /f
    Reply