Microsoft believes the Meltdown and Spectre fixes will affect the performance of personal computers and slow down servers drastically.
In a blog post, the firm suggested that the slowdowns from the Meltdown and Spectre fixes could be a lot more extensive than Intel suggested previously.
At the annual CES conference taking place in Las Vegas, Intel CEO Brian Krzanich indicated that while the problem was more widespread than what was initially thought, he didn’t get into the extent of the impact.
“We believe the performance impact of these Meltdown and Spectre fixes is highly workload-dependent,” he said. “As a result, we expect some workloads may have a larger impact than others. As of now we have not received any information that these exploits have been used to retrieve customer data,” he said.
In the blog post, Terry Myerson, Microsoft’s EVP for Windows and Devices Group, said, “In an environment where multiple servers are sharing capabilities, these vulnerabilities could mean it is possible for someone to access information in one virtual machine from another.”
The firm said it is working on many benchmarks and also refining them to “tune performance.”
Myerson said that the computers with Windows 10 on newer silicon and sold from 2016 will face “single-digit” slowdowns, however most users won’t notice the change as these “percentages are reflected in milliseconds”.
Users will notice a decrease in system performance for older Windows 10 PCs and machines running Windows 7 and Windows 8 since 2015 will be the ones most affected, according to Microsoft. The company also said that the Windows Server on any silicon, especially in any IO-intensive application, shows a more significant performance impact when users enable the mitigations to isolate untrusted code within a Windows Server instance.
“This is why you want to be careful to evaluate the risk of untrusted code for each Windows Server instance, and balance the security versus performance tradeoff for your environment,” Myerson added. “A new exploit like this requires our entire industry to work together to find the best possible solutions for our customers. The security of the systems our customers depend upon and enjoy is a top priority for us.”
