Microsoft Corp. said fixes for security flaws present in most processors may significantly slow certain servers and dent the performance of some personal computers. It was the software maker’s first assessment of a global problem that Intel Corp. initially downplayed.
Microsoft’s statement indicates slowdowns could be more substantial than Intel has indicated. Intel Chief Executive Brian Krzanich said Monday that the problem may be more pervasive than first thought, but he didn’t discuss the degree of impact — only that some machines would be more affected than others.
Intel shares fell as much as 2.1% to $43.81 on Tuesday. Microsoft stock rose 0.2% to $88.45.
Microsoft cautioned in a blog post that servers — the computers that underpin corporate networks — used for certain tasks may show “more significant impact.” Not all servers will be affected, it said. Microsoft didn’t provide specific numbers. It said it is testing a variety of systems and will update users on what it finds.
PCs running Windows 10 and sold since 2016 should face slowdowns of less than 10%, which Microsoft said will probably not be noticeable to users. Customers with older Windows 10 PCs will notice some slowness because those machines contain older chips. Machines running Windows 7 and Windows 8 from 2015 or earlier will be the most affected, with users noticing a decrease in system performance, Microsoft said.
On Jan. 3, Intel confirmed that its chips contain a longstanding feature that makes them vulnerable to hacking. There are two main flaws, dubbed Meltdown and Spectre, and one or both are present in almost all of the billions of processors that run personal computers, servers and phones and could give attackers unauthorized access to data. The world’s largest technology companies are releasing software updates to patch these security holes, and there has been intense debate about how much this will affect the devices’ performance.
The increasingly dire assessments of the problem mean some customers will have to accept worsening computer performance in the name of security, so they would have to add more servers to get back to where they were before they applied the security updates. It also shows the challenge of patching such widespread hardware flaws.
Krzanich said late Monday that patches from companies such as Microsoft may slow computers. Previously, Intel downplayed such concerns, saying tests showed minimal or no effect on performance, although certain unusual workloads may be slowed by as much as 30%.
Microsoft is offering more data about the impact so its corporate customers can decide whether it is worthwhile to apply the security fixes. In certain cases, where servers aren’t at risk from data theft, companies may decide speed is more important than security.
“We’re also committed to being as transparent and factual as possible to help our customers make the best possible decisions for their devices and the systems that run organizations around the world,” Windows Chief Terry Myerson wrote in the blog.
Microsoft temporarily suspended some updates to Windows operating systems for PCs with chips from Advanced Micro Devices Inc. after users who were installing the patches had trouble turning on their machines or had computers freeze.
The greatest noticeable impact will be on the server computers that underpin corporate data centers and systems in cases where customers store their data in house, Microsoft said. In that area, even small deficits in performance can be magnified because those machines handle a large volume of actions that require talking to the affected part of the chips.
Microsoft has said most customers of its Azure cloud-computing service will see no noticeable impact. The company has updated its cloud systems to work around the flaw by taking such steps as isolating cloud servers dedicated to one client from those storing the data of other clients. The fixes don’t work in all cases, and the other remedies Microsoft is offering may indeed hurt performance.
Bass writes for Bloomberg.