Nice. I don't think there's a snowball's chance in hell of Asus releasing an updated BIOS for my five year old MB, so this might be the way to go. A fun project for the weekend.
Hardware & Technical Meltdown/Spectre-Patches Performance hit and fix
- Thread starter Bortas
- Start date
I had to roll back the update on my gaming (99% non internet connected) PC. The update (or some of the other updates along with it (.net stuff etc)) just degraded performance too much. It was not obvious at first, but over the week i was seeing all sorts of little problems in my system develop, from slow launch of programs to issues with my firewall and security software etc.
This was on an Ivybridge i5 under Windows 7 Pro.
I'll give it some time and check back on Windows Updates in a few months, maybe they will have 'better' fixes by then?
This was on an Ivybridge i5 under Windows 7 Pro.
I'll give it some time and check back on Windows Updates in a few months, maybe they will have 'better' fixes by then?
Last edited:
As far as I know, motherboard vendors just package the microcode update that Intel sends them. They recently claimed that they produced updated firmware for 90% of their models from the last five years, so you might see one for your soon(ish). However, given that Intel can't seem to get it right even for their most recent models, what with random crashes happening (which they euphemistically termed "unexpected reboots") in the latest ones, you might want to wait a bit until it's better tested. (See what Zak Gordon wrote just above as well.)
And, to be frank, you might want to think thrice before buying Intel again. Personally, I regretted buying an i7-7700K even before the Meltdown vulnerability was revealed, and afterwards, even more so.
AV and security software needs to be patched first. Most of them use rootkit-like mechanisms that do not play well with these mitigations.
Fully mitigated, the market position of these parts doesn't change much.
If the part was a sensible buy before Meltdown became known, it's a sensible buy after being patched for Meltdown.
Last edited:
Maybe. I did come across a post on a third-party forum from someone claiming to have had feedback from Asus that their particular MB wouldn't be updated, and theirs was a generation newer than mine. But then this was just an anonymous post on an anonymous site so the usual pinch of salt applies.
The problem with the driver patch, as Morbad has pointed out, is that it loads too late in the boot sequence for Windows' built-in mitigations to see it, and activate. It provides protection down in the microcode (and fools Steve Gibson's checking tool) but OS-level efficiencies aren't enabled. Maybe Microsoft can be persuaded to leave their checking until later in the boot sequence but it seems unlikely.
Given enough time I'm sure people will come up with third-party edited BIOSes for popular mainboards, even if the manufacturer's don't. I'd have a go myself but I did kill a MB many years ago with a bad flash. There are better protections these days, but I'm still paranoid.
Not had any issues so far, aside from the overcooking CPU mentioned further up the thread. And I'm more convinced than ever that it's the beta wrapper for the Asus utilities that is causing it with a bad sensor reading. I might try transferring sensor and fan control to the BIOS and foregoing the software altogether. The biggest problem with that is that the Asus utilities also control the mode of the 2A USB port that I use to charge an iPad. Not being able to switch that in software will be a pain, although it does default to 2A when the PC is sleeping so at least the tablet gets an overnight charge.
Never had a problem with them, but Ryzen (Kyzen, whatever it's called now) was looking tempting a few weeks ago and even moreso now. Alas I can barely afford to upgrade a Happy Meal these days, so it's all very theoretical.
If anyone wants me to run the most recent (or another of their choice) firmware/BIOS for their board through UBU (a third-party tool that makes patching firmware a lot less tedious) and apply the current newest Intel microcodes for their boards, just post the board model you want firmware for and I'll see what I can do.
I can't promise anything will work, and I'd only recommend flashing modded firmware on a dual-BIOS board, unless you like to gamble.
Also, UBU doesn't like some firmware and while I can generally apply microcode patches manually with a hex editor, it's is a much more labor intensive process so I generally won't do it unless I have one of the boards in question and would be using it myself.
I haven't personally experienced any instability or crashes on my setups from the current microcode patches, but others have, so it is a gamble. Of course, it's usually easier to flash firmware back if trouble does occur than it is to undo the consequences of a potentially major security exploit.
I can't promise anything will work, and I'd only recommend flashing modded firmware on a dual-BIOS board, unless you like to gamble.
Also, UBU doesn't like some firmware and while I can generally apply microcode patches manually with a hex editor, it's is a much more labor intensive process so I generally won't do it unless I have one of the boards in question and would be using it myself.
I haven't personally experienced any instability or crashes on my setups from the current microcode patches, but others have, so it is a gamble. Of course, it's usually easier to flash firmware back if trouble does occur than it is to undo the consequences of a potentially major security exploit.
Yeah, the firewall is updated to work nice etc. Not getting any real nasty issues, but as this machine is off line all the time i will sit it out and see if giving it more time will allow less performance degradation down the line. My online PC's are Linux mostly and they are all fine so far post patches etc.
Well, my curiosity won out over my paranoia, and I've used UBU to produce a customised BIOS. Both GRC's tool and Microsoft's PowerShell script now show a full complement of green strings. Obviously if an official microcode source appears either from Asus or Microsoft I'll use that in preference. In the meantime I'll keep an eye out for those Intel reboots, and revert if necessary.
About the only downside so far is that the customised BIOS fails the validation check, so it can be flashed only from external USB and not via Asus' software with its MyLogo feature. So no custom boot image of my Anaconda any more. A small price to pay.
For gaming perhaps. But in cases where the performance impact of the patch is noticeable, the market position of these parts does change. Then there's that the mitigations so far can produce system crashes, which might not be too bad for gaming (unless you happen to be playing online), but is worse for other uses.
But for the most part, I didn't mean the market position of Intel's parts (I still maintain that they are overpriced), I've meant Intel's general attitude and approach to this whole thing. You can expect more of the same next time, hence why I suggested that people might want to think again before buying Intel the next time.
Update: then there's that according to the Linux kernel patches that Intel are trying to submit, it looks like they aren't interested in fixing the indirect branch speculation, only including it as an optional fix that has to be enabled by the OS, instead of you know, applying it with no way around. Sacrificing security for the sake of performance benchmarks.
Last edited:
Yeah, I/O heavy uses do see appreciable performance degradation, but rarely do end-users qualify.
My usage patters are quite a bit heavier than most consumers (fair bit of virtualization and modest database work), and I've not noticed any perceptible changes in either performance or stability on my fully mitigated (firmware microcode + OS patches, all options manually enabled) systems. I can definitely benchmark differences in some areas, but it's not to the level I can feel them.
Oh, I agree that Intel hasn't really handled things well and that current mitgations are sloppy. I'm also less likely to purchase Intel next time around, but the deciding factor will be (and has always been) the final (post patch) performance per dollar I can get for what I intend to do, as long as certain minimums are met.
I had to regress the BIOS update containing the CPU microcode patch on my ASUS motherboard as it was causing horrible graphical stuttering and audio popping in ED (most noticeably in resource extraction sites). Have gone back to the previous BIOS version and running smooth again. First time I've ever had to roll-back an ASUS BIOS update. I can't find anyone else on the internet that has had this issue, though I'm wondering if has something to do with SSD access as some people on the ASUS forums have experienced a performance hit with storage access. Unfortunately RL is busy right now so no time to troubleshoot deeper, besides, I'd like to be able to enjoy the beta 
i7-6700K @stock
ASUS Maximus Hero VIII
Corsair DDR4 2400 @ 3200Mhz
ASUS Strix GTX 1080 O8G 11gbps memory
Win10 Pro 64-bit (with KB4056892 installed)
nvidia drivers tried: 388.43 and 385.69
i7-6700K @stock
ASUS Maximus Hero VIII
Corsair DDR4 2400 @ 3200Mhz
ASUS Strix GTX 1080 O8G 11gbps memory
Win10 Pro 64-bit (with KB4056892 installed)
nvidia drivers tried: 388.43 and 385.69
Last edited:
There has been a long standing bug in ED where this crops up from time to time.
I'd wager encountering it along side the mitigations was coincidental, but it's would be hard to tell for certain without a lot of troubleshooting.
The mitigations cause a latency penalty for every kernel/privileged mode access, which includes almost all I/O traffic. Essentially every fast drive, which could reach CPU limited scenarios with enough IOPS, is going to see reduced performance.
However the net effect of this should be imperceptible in almost every game, certainly ED, which is not streaming assets off the drive constantly.
Some new news on this stuff.
'Intel outlines plans for Meltdown and Spectre fixes, microcode for older chips':
https://arstechnica.com/gadgets/201...-and-spectre-fixes-microcode-for-older-chips/
'Intel outlines plans for Meltdown and Spectre fixes, microcode for older chips':
https://arstechnica.com/gadgets/201...-and-spectre-fixes-microcode-for-older-chips/
Everything down to Sandy Bridge has had updated microcode fixes available for over a week at this point, but many board makers are taking their time pushing out new firmware, if they ever intend to do so for old boards. Many people will be forced to patch the microcode into existing firmware themselves, or with third party utilities, if they want low-level (OS agnostic) mitigations.
Core 2 and first gen Core i parts are the only architectures with firmware mitigations scheduled that still lack them.
Core 2 and first gen Core i parts are the only architectures with firmware mitigations scheduled that still lack them.
FWIW, since this thread has been resurrected, the roll-your-own BIOS I made for the Z87 using the early release Intel microcode had some issues.
I didn't see any of the random crashes or reboots reported by some users, but I did notice my system would bog down and run out of resources much faster than before. It reminded me of the Windows 95/98 days, when the GDI subsystem would run out of resources and become so slow that you could literally see the buttons being drawn. This wasn't quite as bad, but the general lag was pretty unpleasant. For general tasks it would make it through a working day before the sluggishness became too apparent, but for gaming it was pretty much a non-starter. I rolled back to the last unpatched BIOS.
I might give it another go at some point with the latest microcode, but if that's the kind of performance hit the mitigation causes I think I'd sooner live with the slightly increased attack surface.
I'm just glad I didn't react to Spectre by immediately rushing out and buying a Ryzen based system.
I didn't see any of the random crashes or reboots reported by some users, but I did notice my system would bog down and run out of resources much faster than before. It reminded me of the Windows 95/98 days, when the GDI subsystem would run out of resources and become so slow that you could literally see the buttons being drawn. This wasn't quite as bad, but the general lag was pretty unpleasant. For general tasks it would make it through a working day before the sluggishness became too apparent, but for gaming it was pretty much a non-starter. I rolled back to the last unpatched BIOS.
I might give it another go at some point with the latest microcode, but if that's the kind of performance hit the mitigation causes I think I'd sooner live with the slightly increased attack surface.
I'm just glad I didn't react to Spectre by immediately rushing out and buying a Ryzen based system.
ASROCK released a bios update for my X99 WS a couple of days ago; I am going to let the dust settle and monitor their forums for a while before I apply it.
'AMD systems gain Spectre protection with latest Windows fixes':
https://arstechnica.com/gadgets/201...ates-bring-spectre-protection-to-amd-systems/
https://arstechnica.com/gadgets/201...ates-bring-spectre-protection-to-amd-systems/