Intel addresses Meltdown and Spectre security flaws at CES 2018
Microsoft has confirmed that users of older versions of Windows should expect to "notice a decrease in system performance" after they apply system patches to protect against the Meltdown and Spectre processor bugs.
The bugs, which affect mostly Intel processors but also some ARM and AMD chips, expose the majority of the world's computers and phones to speculative execution side-channel attacks.
A successful attack could read portions of protected, sensitive memory, such as passwords and other secrets.
Microsoft released security updates on January 3 to fix the issue at the operating system level. Intel also issued updates for its microcode.
In changing the way that Windows accesses the computer's memory, Microsoft has conceded that users may experience performance hits -- depending on the age of their computer's processor and version of Windows.
Microsoft's Terry Myerson said in a blog post that Windows 7 and Windows 8 users running older processors, like 2015-era Haswell or older chips, will be most affected by performance issues.
That's because older versions of Windows have more user-kernel transitions, such as font rendering taking place in the kernel.
In a call Monday, Microsoft said there would be some scenarios where performance might noticeably change, such as longer boot times.
Windows 10 users also running older hardware may show "more significant slowdowns," with the company expecting "some users will notice a decrease in system performance."
But Windows 10 users running newer, 2016-era Skylake and Kabylake or later processors will be largely unscathed by any slowdowns, Microsoft said, "because these percentages are reflected in milliseconds."
The software giant has yet to publish benchmarks -- something it said will land in the coming weeks.
Intel said in a blog post, however, that the typical home and business PC user should not see significant slowdowns in common tasks such as reading email, writing a document or accessing digital photos."
If you haven't received the patches already, it's likely as a result of your antivirus blocking the updates.
Microsoft said this week that it won't deliver the Meltdown and Spectre patches, or future security updates, to customers if they're running third-party antivirus that aren't confirmed to be compatible with Windows.
It's understood that the company shut out Windows users with incompatible antivirus because of the risk to instability and blue-screen system crashes.
Third-party Windows antivirus products must set a Windows registry key for customers to receive the update via Windows Update. Many antivirus makers have said they will not make the necessary changes, however.