Microsoft says security patches slowing down personal computers, servers
Microsoft Corp said on Tuesday that software patches released to guard against microchip security threats slowed down some personal computers and servers, with systems running on older Intel Corp processors seeing a noticeable decrease in performance. The comments in a blog post were the clearest signal from Microsoft that the microchip flaws for Intel and other chipmakers described last week could meaningfully degrade performance. Microsoft also said that security updates froze some computers using chipsets from Intel rival AMD, dragging AMD’s shares down nearly 4 percent. Shares in Intel, which reiterated on Tuesday that it saw no sign of significant slowdown in computers, fell 2.5 percent.
AMD shares have gained nearly 20 percent in the last week as investors speculated that the chipmaker could wrest market share from Intel, whose chips were most exposed to the security flaws. Security researchers disclosed the flaws on January 3 that affected nearly every modern computing device containing chips from Intel, AMD and ARM Holdings, owned by Japan’s SoftBank Group Corp.
“We (and others in the industry) had learned of this vulnerability under nondisclosure agreement several months ago and immediately began developing engineering mitigations and updating our cloud infrastructure,” Microsoft executive Terry Myerson wrote in a blog post on Tuesday. Meltdown and Spectre are two memory corruption flaws that could allow hackers to bypass operating systems and other security software to steal passwords or encryption keys on most types of computers, phones and cloud-based servers.
ARM Holdings estimated that around 5 percent of more than 120 billion chips its partners have shipped since 1991 was impacted by Spectre. It said the number of chips affected by Meltdown was significantly less. “ARM will address Spectre in future processors but there will need to be an ongoing discipline in the design of secure systems which needs to be addressed through both software and hardware,” a company spokesman said in an emailed statement. Intel and AMD have not disclosed the number of chips affected by the security flaws. Intel said a typical home and business PC user should not see significant slowdowns in common tasks such as reading email, writing a document or accessing digital photos.
The chipmaker said last week that fixes for security issues in its microchips would not slow down computers, rebuffing concerns that the flaws would significantly reduce performance. Rival AMD had also played down the threat, saying its products were at “zero risk” from the Meltdown flaw, but that one variant of the Spectre bug could be resolved by software updates from vendors such as Microsoft.
But on Tuesday AMD said it was aware of an issue with some older-generation processors following the installation of a Microsoft security update that was published over the weekend. Microsoft said it was working with AMD to resolve the issues. Apple Inc also released an updated version of its operating system software on Monday to fix the security flaw.