To best ensure security of our customers’ data, we are working with the industry to develop and distribute software and firmware mitigations for the exploit methods disclosed by Google Project Zero (also known as “Spectre” and “Meltdown”). As of now, we have not received any information that these exploits have been used to obtain customer data.
In early December we began distributing Intel firmware updates to our OEM partners. For Intel CPUs introduced in the past five years, we expect to issue updates for more than 90 percent of them within a week, and the remainder by the end of January. We will continue to issue updates for other products thereafter. We are pleased with this progress, but recognize there is much more work to do to support our customers.
Press Kit: Security Exploits and Intel Products
Our goal is to provide our customers with the best possible protection against the exploits while minimizing the performance impact of the updates. We plan to share more extensive information about performance impact when we can, but we also want to provide some initial information today.
Based on our most recent PC benchmarking, we continue to expect that the performance impact should not be significant for average computer users. This means the typical home and business PC user should not see significant slowdowns in common tasks such as reading email, writing a document or accessing digital photos. Based on our tests on SYSmark 2014 SE, a leading benchmark of PC performance, 8th Generation Core platforms with solid state storage will see a performance impact of 6 percent or less*. (SYSmark is a collection of benchmark tests; individual test results ranged from 2 percent to 14 percent.)
Ensuring the security of our customers’ data is job one. To help keep our customers’ data safe, we have been focused on the development and testing of the updates. We still have work to do to build a complete picture of the impact on data center systems. However, others in the industry have begun sharing some useful results. As reported last week, several industry partners that offer cloud computing services to other businesses have disclosed results that showed little to no performance impact. Also, Red Hat and Microsoft have both shared performance information.
Ultimately, overall impact will depend on the specific workload, platform configuration and mitigation technique. In some cases there are multiple mitigation options available, each with different performance implications and implementation specifics. More details on these options can be found in our white paper and in Google’s post on their “Retpoline” security solution. We and the industry continue to investigate solutions to address cases where the impact may be significant.
We are committed to helping our customers select the mitigation approach that works best for all of their goals: security, performance and compatibility. We will continue to share data and additional guidance as fast as responsibly possible.
For information and links to useful resources, visit the security research findings page on Intel.com.
*KBL-R U 4+2 Configuration:
Processor: Intel® Core™ i7-8650U Processor (KBL-R U 4+2) PL1=15W TDP, 4C8T, Turbo up to 4.2GHz Memory: 2x4GB DDR4-2400 1Rx8 Samsung M471A5143EB1
Storage: Intel® 600p m.2 NVME SSD Display Resolution: 1920×1080 OS: Windows* 10 Build RS3 16299.15. Power policy set to AC/High Perf for all benchmarks Graphics driver: 15.60.4901_whql RST: 15.9.1.1018_pv-RFfix
CFL-S 6+2 95W Configuration:
Processor: Intel® Core™ i7-8700K Processor (CFL-S 6+2), PL1=95W TDP, 6C12T, Turbo up to 4.7GHz Memory: 2x8GB DDR4-2666 2Rx4 HyperX HX426C15FBK2/16 Storage: Intel® 600p M.2 NVMe SSD Display Resolution: 1920×1080 OS: Windows 10 Build RS3 16299.15. Power policy set to AC/HighPerf for all benchmarks Graphics driver: 15.60.4877_Whql, RST: 15.9.1.1018_pv-Rffix
Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors.
Performance tests, such as SYSmark® and MobileMark®, are measured using specific computer systems, components, software, operations and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products.
For more information go to http://Performance Benchmark Test Disclosure
Source: https://newsroom.intel.com/news/intel-offers-security-issue-update/