Microsoft has released Intel microcode updates for Windows 10 that should protect the users of the operating system against a recently discovered vulnerability in Intel processors. The vulnerability is called L1 Terminal Fault (L1TF) or Foreshadow and can provide an attacker access to sensitive data on personal computers and cloud servers.
Together with the disclosure of the Foreshadow vulnerability, Microsoft already released a patch for Windows. To fully protect computers, software updates alone aren’t sufficient, also microcode and/or firmware updates are necessary. Intel readied these micro-updates this weekend, and Microsoft has started to distribute them to Windows 10 users.
The software giant states on its website that the updates can have an impact on system performance depending on the system. In case of end-user systems, tests indicate that there was hardly any noticeable performance degradation. On systems based on Virtualization Based Security (VBS) or Hyper-V for Windows Server 2016, it’s possibly needed to fully disable HyperThreading to protect the system against the Foreshadow vulnerability. This can have a severe negative impact on system performance.
However, Windows Server 2016 offers en option to enable Hyper-V Core Scheduler that protects against Foreshadow and allows HyperThreading to remain enabled. Therefore, on those systems the microcode updates have hardly any impact on system performance.