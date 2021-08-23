A recently discovered security vulnerability impacting select Intel CPUs released between 2015 and 2019 has been patched thanks to a new software-level microcode update. Unfortunately, early testing has revealed some pretty significant performance penalties introduced by the mitigation effort.

Rob published a comprehensive report on Downfall yesterday. For the sake of brevity, I'll simply direct you to his article should you need to get up to speed on the vulnerability. Intel also has a list of affected processors.

Michael Larabel from Phoronix has put the microcode update to the test using a variety of processors including a pair of Xeon Platinum 8380 chips, a Xeon Gold 6226R, and a Core i7-1165G7 across multiple workloads in Linux.

[...] . It's worth noting that there is an opt-out mechanism in the microcode that allows users to disable the mitigation should they deem the performance hit too steep or don't believe they operate in an environment where they'd be susceptible to an attack. As Tom's Hardware notes, the complexity of the attack could also play into your decision on whether or not to bypass the mitigation.