Intel Issues Meltdown, Spectre Patches For Newer CPUs

News
By Lucian Armasu
published

Intel announced that it started issuing updates to about 90% of its personal computer and server CPUs from the past five years or newer, through the makers of those devices. The updates include patches for the recently discovered Meltdown and Spectre CPU flaws.

Meltdown And Spectre

Google Project Zero security researchers recently announced that all of the world’s CPUs have two major vulnerabilities in them, which they named Meltdown and Spectre. The Meltdown name comes from the bug essentially “melting” the security barriers that were supposed to be enforced by hardware. Spectre comes from the root cause of the flaw, which is speculative execution. The former only affects Intel, while the later affects all CPU makers, including Intel, AMD, and ARM.

Patches Against Meltdown And Spectre

Intel announced that it has already started issuing updates to five-year-old CPUs or newer, which should include the Ivy Bridge generation, which came out in 2012, and later. However, we know from the researchers who discovered Meltdown that the bug affects Intel CPUs at least as old as 2011, and potentially all the CPUs Intel has built since 1995, with a few exceptions.

This could mean that a significant portion of the Intel CPUs out there will be left vulnerable to attacks, as most people refresh their computers after five years.

Desktop, Laptop, and Cloud computers may be affected by Meltdown. More technically, every Intel processor which implements out-of-order execution is potentially affected, which is effectively every processor since 1995 (except Intel Itanium and Intel Atom before 2013). We successfully tested Meltdown on Intel processor generations released as early as 2011. Currently, we have only verified Meltdown on Intel processors. At the moment, it is unclear whether ARM and AMD processors are also affected by Meltdown.

The Google researchers also said that Spectre affects virtually all CPUs, including those from Intel, AMD, and ARM.

Intel added that the patches should reach 90% of the Intel CPUs from the past five years by the end of the week. The company also noted that cloud providers, operating system vendors, and device manufacturers have already updated their products and services. The company didn’t mention which Windows versions will receive the patch, but we have to presume it’s at least Windows 7 and later.

Intel also acknowledged that the patch will slow down its chips in some instances, but the slowdown will be workload-dependent. Regular consumers shouldn’t be impacted by the bug fixes too much, presumably, unless they run virtual machines or other I/O-intensive tasks on their computers. However, Intel also mentioned that the performance penalty on some workloads will be reduced over time.

Lucian Armasu
Lucian Armasu
Lucian Armasu is a Contributing Writer for Tom's Hardware US. He covers software news and the issues surrounding privacy and security.
21 Comments Comment from the forums
  • anotherdrew
    Some say these patches might affect performance. Has anyone done any testing?
    Reply
  • Patrick_Bateman
    It does in synthetics based on some preliminary benchmarks posted on another tech site, but not so much in real-world applications.
    Reply
  • thrakazog
    Hardware Unboxed tested the 8700k (post patch) with win 10. The only thing that showed any real change was SSD performance. You can see the tests here....

    https://www.youtube.com/watch?v=_qZksorJAuY
    Reply
  • Sinko
    Testing on my own system using the normal CPU stress tests yielded no change. Ran tests many times. Test results are useless to post as I stated before, no change.
    Reply
  • tamalero
    20558634 said:
    Some say these patches might affect performance. Has anyone done any testing?


    Won't affect every day people.

    Might affect emulation heavily.
    Will also affect heavily certain work types on servers (like databases and VMs)
    Reply
  • mikeynavy1976
    Well, rather than wait until my machines could pick it up on automatic Windows Update, I went and downloaded/installed it via the circulating Microsoft Update Catalog link. Initial impressions after install, especially on laptops, was a bit concerning...they ran at 100% for a while and core temps hit 100C. I'll keep an eye on them but, fortunately, my desktop seems to be "stabilizing" and clock speeds are starting to fluctuate again and temps have dropped (desktop core temps were around 75C w/ Corsair H60 and no overclock). Readings are looking a lot more normal now. That being said, I didn't run any benchmarks but real-world performance doesn't seem affected...everything else in Windows and application speed seem to be unaffected.
    Reply
  • rds1220
    So there won't be much of a performance hit for us gamers?
    Reply
  • Supernova1138
    20559848 said:
    So there won't be much of a performance hit for us gamers?

    As far as the Meltdown bug is concerned, no it doesn't look like it. Games mostly run inside the user space and don't make all that many syscalls, so the fix for Meltdown doesn't seem to have much impact for most consumer applications including games. The bigger performance hits will be for server applications and to a lesser extent people with really fast storage, NVMe drives do take a small hit to their benchmarks with the patch.

    The Spectre bug could be a bigger problem if Intel and AMD do decide the only way to mitigate this problem is to disable branch prediction entirely. That could lead to a big across the board performance drop for everybody.
    Reply
  • rds1220
    20559878 said:
    20559848 said:
    So there won't be much of a performance hit for us gamers?

    As far as the Meltdown bug is concerned, no it doesn't look like it. Games mostly run inside the user space and don't make all that many syscalls, so the fix for Meltdown doesn't seem to have much impact for most consumer applications including games. The bigger performance hits will be for server applications and to a lesser extent people with really fast storage, NVMe drives do take a small hit to their benchmarks with the patch.

    The Spectre bug could be a bigger problem if Intel and AMD do decide the only way to mitigate this problem is to disable branch prediction entirely. That could lead to a big across the board performance drop for everybody.

    Just got an NVME drive figures now this will happen and mess up performance
    Reply
  • Supernova1138
    20559900 said:
    20559878 said:
    20559848 said:
    So there won't be much of a performance hit for us gamers?

    As far as the Meltdown bug is concerned, no it doesn't look like it. Games mostly run inside the user space and don't make all that many syscalls, so the fix for Meltdown doesn't seem to have much impact for most consumer applications including games. The bigger performance hits will be for server applications and to a lesser extent people with really fast storage, NVMe drives do take a small hit to their benchmarks with the patch.

    The Spectre bug could be a bigger problem if Intel and AMD do decide the only way to mitigate this problem is to disable branch prediction entirely. That could lead to a big across the board performance drop for everybody.

    Just got an NVME drive figures now this will happen and mess up performance

    Fortunately the hit doesn't seem to be too big in Windows, the benches I've seen for NVMe drives was about a 2-7% drop in random reads/writes. So not a catastrophic loss, you're still going to be getting considerably more performance than a SATA SSD.
    Reply