Testing Windows 10 Performance Before and After the Meltdown Flaw Emergency Patch

BoraMurdar

Super Moderator
MalwareTips Staff
Joined
Aug 30, 2012
Messages
6,007
OS
Windows 10
Antivirus
Emsisoft
#1
Full Test Testing Windows 10 Performance Before and After the Meltdown Flaw Emergency Patch

The IT world was caught by surprise this week when it was disclosed that nearly every processor sold in the last 20+ years powering all forms of computers could be exploited due to two major hardware flaws (read our 'what you need to know' article). Discovered last year by Google’s Project Zero team, manufacturers have been investigating and working on a fix for months, although the public just came to know about this now.

Because of the nature of Meltdown and Spectre, the patches have to come at the OS level, and there's a possibility of performance loss. On the upside for consumers, desktop computing and gaming may not be as affected as other intensive tasks more commonly seen in server and database applications.

Based on the information received so far, we know most Intel CPUs are affected, but this issue also extends to select ARM architectures, while AMD appears to be mostly in the clear. There are three variants of the exploit and AMD is vulnerable to the “Bounds Check Bypass” method but this can be solved via an OS update and should come at an insignificant performance cost. The other two variants reportedly don't impact AMD processors due to differences in their architectural design.

Linux is one of the operating systems that had received an update addressing the exploit before it was disclosed and tech site Phoronix benchmarked performance before and after. They found some pretty crippling performance down turn on server related tests using a Core i7-8700K with a Samsung 950 PRO NVMe storage device. They followed up with a Linux gaming test that looked at half a dozen titles and mostly found the difference was within the margin of error.
Conclusion, so far
Well, there you have it. Desktop users have little to worry about in terms of performance loss, particularly gamers. We've yet to test older CPUs, but given the type of workloads we’re seeing impacted by the patch, I don’t think there’s going to be an issue with any desktop hardware, but we’ll certainly report back if there is.

The reduction in 4K read performance for high-speed NVMe drives is a concern and while this shouldn’t impact any games, any application that is sensitive to this might show a reduction in performance. Of course, the brief list of applications I tested showed no real reduction in the performance period.

The issue nonetheless remains and is one that has a far bigger potential in affecting servers. It's a serious concern for data centers both on the side of performance and more importantly, security. That's not our area of expertise or interest, so we'll leave that testing to those better equipped to tackle it.
 
Joined
Jan 5, 2018
Messages
178
OS
Windows 10
Antivirus
Isolation
#3
That is nice to see. If I'm not mistaken I believe I read that they will be able to mitigate the performance impact in time, so at some point it probably won't have an affect on 4K read. It'll end up being a big nothing burger in the end and another huge security flaw being fixed. So being level headed and patient I'd say this really ain't a big deal.
 

BoraMurdar

Super Moderator
MalwareTips Staff
Joined
Aug 30, 2012
Messages
6,007
OS
Windows 10
Antivirus
Emsisoft
#4
Thanks for the Heads Up Bora brother, and Happy New Year :p
It seems this is not just a Intel issue after all, this really sux for Data Centers.
Happy Holidays CyberGhost! :) I may sound paranoid but all of this smells like this hole was always set to remain open and collect some data remotelly, but now when the ground is hot under their feet, they decide to patch it. I usually don't think in this direction and if I do it doesn't concern me, but something is fishy in all this mess.
 

_CyberGhosT_

Level 52
Trusted
Joined
Aug 2, 2015
Messages
4,180
OS
Linux Mint
Antivirus
Default-Deny
#5
Happy Holidays CyberGhost! :) I may sound paranoid but all of this smells like this hole was always set to remain open and collect some data remotelly, but now when the ground is hot under their feet, they decide to patch it. I usually don't think in this direction and if I do it doesn't concern me, but something is fishy in all this mess.
Could not agree more, I was just not wanting to sound like a conspiracy theorist first thing in the morning before coffee :p
 
Joined
Nov 8, 2014
Messages
1,259
OS
Windows 10
Antivirus
Microsoft
#6
Newer microcode and BIOS updates have been pulled by Intel and OEMs, so Intel have suggested everybody to rollback the changes.
 

Slyguy

Level 32
Joined
Jan 27, 2017
Messages
2,180
OS
Other OS
#7
Happy Holidays CyberGhost! :) I may sound paranoid but all of this smells like this hole was always set to remain open and collect some data remotelly, but now when the ground is hot under their feet, they decide to patch it. I usually don't think in this direction and if I do it doesn't concern me, but something is fishy in all this mess.
You can bet this was a purposeful hole. Some experts are saying if it wasn't purposeful then the engineers involved are either totally blind, ignorant or incredibly incompetent but probably would have to be all three. Almost nobody believes these guys are, so the only logical conclusion is - this is purposeful. I wouldn't doubt for a minute if it wasn't purposeful and probably one of the most important techniques for intelligence gathering available.

If you 'carefully' look around, observe, and read documents you'll see hints that they knew of this. For example when Greenwald stored Snowden documents on encrypted AWS servers, then he was advised by consultants to move his stuff off AWS the NSA blew a gasket about that move saying they needed to 'disrupt advice such as this in the future'.. I'm guessing here, but i suspect they wanted it on AWS so they could Meltdown capture the VM contents Greenwald was using on his VM. I've seen other things and have read between the lines to suggest it. Jake Williams (Security Researcher) says the probability this was a purposeful backdoor is near 100%.

Anyway, as we roll out Meltdown patches, we're seeing performance hits from 3% up to 50%. It depends on a lot of factors, but I ran into a machine hitting 50% performance impact yesterday and we're going to recommend machine replacement..