Performance Impact of Spectre and Meltdown Mitigations

Posted on

Over the past week or so, there has been a lot of talk about the big, bad vulnerabilities called Spectre and Meltdown. For many, getting the patches out and the problem mitigated is the highest priority. However, there are many out there that are worried about the impact on performance with these latest patches.

Terry Myerson has put up a blog post addressing these worries. For those with CPU’s older than a couple years old, you may have a noticeable impact on system performance. For those with newer CPU’s, there will be an impact, but it will be much less noticeable, if at all.

Here is the summary of what we have found so far:

  • With Windows 10 on newer silicon (2016-era PCs with Skylake, Kabylake or newer CPU), benchmarks show single-digit slowdowns, but we don’t expect most users to notice a change because these percentages are reflected in milliseconds.
  • With Windows 10 on older silicon (2015-era PCs with Haswell or older CPU), some benchmarks show more significant slowdowns, and we expect that some users will notice a decrease in system performance.
  • With Windows 8 and Windows 7 on older silicon (2015-era PCs with Haswell or older CPU), we expect most users to notice a decrease in system performance.
  • Windows Server on any silicon, especially in any IO-intensive application, shows a more significant performance impact when you enable the mitigations to isolate untrusted code within a Windows Server instance. This is why you want to be careful to evaluate the risk of untrusted code for each Windows Server instance, and balance the security versus performance tradeoff for your environment.

For context, on newer CPUs such as on Skylake and beyond, Intel has refined the instructions used to disable branch speculation to be more specific to indirect branches, reducing the overall performance penalty of the Spectre mitigation. Older versions of Windows have a larger performance impact because Windows 7 and Windows 8 have more user-kernel transitions because of legacy design decisions, such as all font rendering taking place in the kernel. We will publish data on benchmark performance in the weeks ahead.

Several Windows Updates Blocked For AMD Users

Posted on

Microsoft released several security updates recently to protect against the Spectre and Meltdown vulnerabilities. However, several of these caused some real issues with AMD powered systems. For now, Microsoft has paused the updates from being delivered to AMD systems. Intel powered systems are still receiving the updates.

“After investigating, Microsoft has determined that some AMD chipsets do not conform to the documentation previously provided to Microsoft to develop the Windows operating system mitigations to protect against the chipset vulnerabilities known as Spectre and Meltdown. To prevent AMD customers from getting into an unbootable state, Microsoft will temporarily pause sending the following Windows operating system updates to devices with impacted AMD processors at this time:

The updates include

No Insider Build This Week, More Issues with Recent Build

Posted on

Dona Sarkar has tweeted that there are needing more time to fix the bugs in the latest build that were reported over the holiday. So, no new builds this week for Insiders. They are looking for next week, but as usual – no promises as they want to make sure they aren’t putting out a dud.

Also in the news: Brandon LeBlanc has updated the Known Issues of the most recent build released to insiders, build 17063. Here’s the newest items:

  • ADDED 1/4/18: Some PCs will bugcheck (GSOD) when entering into Connected Standby.
  • ADDED 1/4/18: When you open Task View immediately after an upgrade, Timeline may not be visible. If you encounter this, wait 15-30min and try launching Task View again.
  • ADDED 1/4/18: We’re investigating an issue where some Bluetooth devices don’t work on this build and Device Manager shows error 43 for these drivers.
  • ADDED 1/4/18: The Settings app may crash on certain pages if the Settings window isn’t big enough. Windows Update Settings is one of the pages impacted. If you’re experiencing this, maximizing the Settings window (so it’s full screen) will resolve it.
  • ADDED 1/4/18: In certain cases, USB devices with unreliable connections may cause bugchecks (GSOD) on PCs.

Microsoft Home Automation News

Posted on

A couple bits of information today regarding Microsoft’s moves into home automation, another hobby of mine. A while back, Microsoft announced they would be working with Amazon and Alexa integration with Cortana. While they had mentioned it would be working by the end of the year, 2017, that didn’t happen. Brad Sams asked why and got the typical “Soon.” response, which is much better than the other typical response – “We cannot comment on unreleased products or features.”.

I pinged both Amazon and Microsoft about the setback and the responses don’t offer any insight into the delay other than the feature will be rolled out in the near future. A Microsoft spokesperson tells me “We’ll have more to share soon.” and Amazon provided a similar response, “We’re working on it and expect to begin rolling it out soon”.

Now, Microsoft hasn’t put all it’s home automation ideas into one basket. They have partnered with Johnson Controls to release a smart thermostat, similar to Nest or Ecobee. This one, called GLAS,  is powered by Windows IoT Core and has Cortana integration. With it’s nice looking display and options that give you plenty of information at your finger tips, it’s a nice addition to the smart thermostat category. It is set to release in March of this year, pricing is not yet available on the pre-order website.

Cortana is integrated into the thermostat so you can use your voice to easily adjust your space, in addition to understanding indoor and outdoor temperature and learning about the current weather forecast. For example, just say, “Hey Cortana, set the temperature to 68 degrees,” and GLAS will adjust the temperature in your space accordingly. Moreover, Cortana can help you manage your calendar, inform you of traffic, answer questions, and more, so all of this information is on display in one place to help jumpstart your day before leaving the door.

How to Tell Which Build You Are Running in Windows 10

Posted on

Windows 10 was supposed to be the last version of Windows. It really is in a way. However, rather than incrementing the version number itself, Microsoft uses Windows 10 Build number to differentiate the various versions. They also assign certain builds (no longer called RTM’s) names such as Creators Build, Fall Creators Build, etc.. So, how do you know which build you are running? Knowing your build number can help out when looking for updates or seeing if a piece of software is compatible with your build, or if you are out of date with the current released version.

There are several methods, which I will describe here.


1. Right click on the start button and select Run. Type winver and press enter. This will bring up a small Windows with details of your Windows version. The build number is identified there.




2. Right click on the start button and select System. In that window, towards the bottom, the build number is listed.





3. For many Windows Insider builds, but not all – especially when getting close to final release – there is a watermark in the lower left hand corner of the screen.


Set Dark Mode in Windows 10 Apps

Posted on

Windows 10 has a dark side. Well, a darker theme for the Windows Apps. I prefer the darker theme myself, as I don’t like things so blindingly bright.

To switch from the light to the dark theme, you can follow these instructions.


1. Right click the Desktop and select Personalize.



2. In the left pane, select Colors. Then scroll down the right pane until you see “Choose your default app mode”. There, you can select Dark (or Light if you’re already changed it).



3. The change should be immediately apparent and you can click the X to close the window. The changes apply to Windows 10 Apps, including Calculator, Settings, Messaging, and others.









New Intel CPU Security Flaw Fix Could Cause Up To 30% Performance Hit

Posted on

A new security flaw within Intel CPU’s, some as old as 10 years old, has been found. The flaw affects all operating systems, including Linux, MacOS, and Windows. A fix for the flaw has been in the works for Windows since November. Current updates look to impose a 5-30% performance hit on the processors. AMD processors do not have this flaw. Incidentally, AMD stocks are rising while Intel is dropping.

As for the details of the flaw? I’ll let the experts explain it, as they can do a much better job.

Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we’re looking at a ballpark figure of five to 30 per cent slow down, depending on the task and the processor model. More recent Intel chips have features – such as PCID – to reduce the performance hit. Your mileage may vary.

Update: Intel has put out a press release, mentioning that it may not be limited to just Intel CPU’s and may include AMD and ARM CPU’s as well. Still no confirmation on the impact with the other vendors or how vulnerable they are, but according to Intel it may be an issue.

Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.

Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.

Intel is committed to product and customer security and is working closely with many other technology companies, including AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively. Intel has begun providing software and firmware updates to mitigate these exploits. Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.

Intel is committed to the industry best practice of responsible disclosure of potential security issues, which is why Intel and other vendors had planned to disclose this issue next week when more software and firmware updates will be available. However, Intel is making this statement today because of the current inaccurate media reports.

Check with your operating system vendor or system manufacturer and apply any available updates as soon as they are available. Following good security practices that protect against malware in general will also help protect against possible exploitation until updates can be applied.

Intel believes its products are the most secure in the world and that, with the support of its partners, the current solutions to this issue provide the best possible security for its customers.

Update 2: There seems to be some confusion between multiple processor flaws that have recently been released. This site has a lot more information on both of them.

Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware bugs allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.

Update 3: AMD has released a statement showing that their CPU’s are not vulnerable to the Intel CPU flaw.

To be clear, the security research team identified three variants targeting speculative execution. The threat and the response to the three variants differ by microprocessor company, and AMD is not susceptible to all three variants. Due to differences in AMD’s architecture, we believe there is a near zero risk to AMD processors at this time.

Update 4: Microsoft has released an out-of-band patch for Windows 10 in KB4056892. Should come through in automatic updates.

January 2018 Security Updates

Release Date: January 03, 2018

The January security release consists of security updates for the following software:

  • Internet Explorer

  • Microsoft Edge

  • Microsoft Windows

Microsoft Professional Program Now Includes IT Support

Posted on

For those starting out in the IT Support field, which includes Help Desk and Technical Support, the Microsoft Professional Program has a new self-learning trackIT Support. The Microsoft Professional Program has several other tracks for interested IT Professionals that may be of interest. It is a self learning curriculum that doesn’t include any formal certifications, but it is a great learning opportunity.

The full track is pretty intensive, including 14 required courses each taking from 8-16 hours. The skills learned include communication, hardware and networking essentials, Windows installation, configuration, maintenance, and more.

This is the first MPP track aimed entirely at beginners, and provides job-ready skills for anyone looking to enter IT Support. This is a great way to enter the IT field, which has an estimated need of 400,000 jobs worldwide. The only requirements before beginning this track is some familiarity with computers and the ability to access the online courses, making it ideal for someone who wants an entry-level position in IT Support but may not have the necessary skills.

Make File Explorer Open “This PC” and not “Quick Access”

Posted on


One of my annoyances with Windows 10 is that when you open File Explorer, you are greeted with the “Quick Access” options, which for me is not really quick access. I find it faster and easier to go straight to “This PC”. Here is how you can switch the default behavior within File Explorer.



1. Open File Explorer. Click on Options > Change folder and search options:



2. On the ‘Open File Explorer to’ dropdown box, change the default from Quick Access to This PC.



3. Click OK, then test it by opening File Explorer from the quick start buttons on the task bar. It should open to This PC!


Farewell Groove Music, Hello Spotify

Posted on

It should come as no surprise to anyone as there has been a bit of notice, January 1st marked the date where Groove Music was finally discontinued. For those that were subscribers, you should have already gotten a pro-rated refund. The Groove Music App will still be maintained, which is good news. It is a great Windows app for listening to music.

For anyone looking for an alternative service, Microsoft has partnered with Spotify, which is a great service as well.

For more information on the loss of Groove Music, take a look at Microsoft’s FAQ for the discontinuation of the service.

On January 1, 2018, the Groove Music Pass streaming service was discontinued. If your Pass subscription went beyond December 31, 2017, we will give you (or already gave you) a prorated refund or a Microsoft gift card (see timing details below). We’ll continue to update the Groove Music app so you can play and manage the music you’ve purchased and downloaded to your PC or uploaded to OneDrive or another cloud storage service, but the app will no longer stream or play Groove Music Pass content.