• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.
  • The forums have been upgraded with support for dark mode. By default it will follow the setting on your system/browser. You may override it by scrolling to the end of the page and clicking the gears icon.

How can I disable protection from Specter V2 in windows 10?

Status
Not open for further replies.
vattghern

vattghern

New Member
Joined
Mar 4, 2022
Messages
8 (0.01/day)
Location
Finland
I read an article today that protection against the new Specter V2 vulnerability hits processor performance by up to 35%. I'm not worried about this vulnerability on my home PC, I care about the performance I paid for. How can I disable this protection? As far as I know, this is done by editing the registry.
 
download "InSpectre" run it as admin and disable both protections, reboot and check again if they are disabled.
 
Hi,
I didn't look at the link but would of been surprised if it didn't have a link to the utility

GRC | InSpectre
 
That disables the windows mitigations, but what about the microcode stuff that has already been implemented?
 
freeagent said:
That disables the windows mitigations, but what about the microcode stuff that has already been implemented?
Click to expand...
this seems to be baked in. (but afaik only the software solutions like these two patches are hurting performance. there was a video from Tech Yes City back when it was new and i remember that the microcode updates were in the margin of error)
 
Hi,
Spectre and meltdown is two out of three third being micro code but most performance should be back
Some won't have to worry about the micro code seeing their systems are eol

Might get some watchdog/ bsod though because ms/ defender blocking program access in areas.
 
Low quality post by Assimilator
Imagine if you'd actually read the article.

But again, workloads that don't rely on I/O or networking didn't show significant performance loss. These include gaming, web browsing, and other daily tasks.
Click to expand...

If you want to be stupid and have sex without a condom, all the best to you. Just don't come crying to us when your wang falls off.
 
Good thing Assimilator's post got LQed. It was a bad example anyway!!! I'd like to have some sensation during sex. As long as both parties were tested & clean, there shouldn't be a problem. There are birth control pills, UID, and more.

Some processors and apps are more/less affected by the Spectre and Meltdown mitigations. If your server's efficiency drops by 30 percent, it is somehow a big deal.

Best thing is to benchmark your apps/games with mitigations OFF and ON. Usually, it shouldn't make much a difference unless you have some unique app/service/game.
 
freeagent said:
That disables the windows mitigations, but what about the microcode stuff that has already been implemented?
Click to expand...
AFAIK most of the microcode mitigations won't be used without windows supporting them. So this should be pretty close to the same, using InSpectre.
 
R-T-B said:
AFAIK most of the microcode mitigations won't be used without windows supporting them. So this should be pretty close to the same, using InSpectre.
Click to expand...
Yessir, I forgot about that.. I am convinced my 3770K was updated through microcode, and in doing so the VID was updated to a higher value. I only noticed because that value had never increased in Core Temp before, now it is the norm when I run the clocks that I am. Also requires more vcore.. these changes happened shortly after all of this dropped.. about a month or so after I got the system :D

Or maybe I should put away my tinfoil hat.. not sure yet..
 
vattghern said:
I care about the performance I paid for.
Click to expand...
How much was that? We might discover of what is your CPU and deliver better answers.
 
kiriakost said:
How much was that? We might discover of what is your CPU and deliver better answers.
Click to expand...
I have 10400f, when I started the program I see this:

Screenshot_8.png


Meltdown protection and Microcode Update were not enabled/installed. Apparently, this is due to the fact that I do not have the latest BIOS version installed. I'm not sure how Specter affects the performance of my processor, as I haven't tested it... Perhaps this problem only occurs on 11 and 12th processors?
 
An alternative tool is "mitigations status", it also supports toggling SSB.
 
vattghern said:
I have 10400f, when I started the program I see this:

View attachment 239645

Meltdown protection and Microcode Update were not enabled/installed. Apparently, this is due to the fact that I do not have the latest BIOS version installed. I'm not sure how Specter affects the performance of my processor, as I haven't tested it... Perhaps this problem only occurs on 11 and 12th processors?
Click to expand...
That's kind of amazingly bad for Inspectre to report that considering anything newer than 9900k has on chip Meltdown protections.
 
R-T-B said:
That's kind of amazingly bad for Inspectre to report that considering anything newer than 9900k has on chip Meltdown protections.
Click to expand...
Do you mean that I will not be able to disable protection with this program?
 
vattghern said:
I have 10400f, when I started the program I see this ... Perhaps this problem only occurs on 11 and 12th processors?
Click to expand...

What you classify as limitation or a problem, this is solely your own assumption, and I do not have any plans so to help you, about to change it.

But this topic it did motivated me, to check my system.
I have In-Spectre protected latest BIOS, I did personally request the file from Gigabyte , 45 days ago.

Regarding statistics, the screenshot of my system, this represents of how a fully patched and modern system, this should look like.
And I am damn happy about it.




In-Spectre-Protected.jpg




In early 2018 the PC industry was rocked by the revelation that common processor design features, widely used to increase the performance of modern PCs, could be abused to create critical security vulnerabilities. The industry quickly responded, and is responding, to these Meltdown and Spectre threats by updating operating systems, motherboard BIOSes and CPU firmware.

Protection from these two significant vulnerabilities requires updates to every system's hardware-its BIOS which reloads updated processor firmware-and its operating system-to use the new processor features. To further complicate matters, newer processors contain features to minimize the performance impact of these important security improvements. But older processors, lacking these newer features, will be significantly burdened and system performance will suffer under some workloads.

This InSpectre utility was designed to clarify every system's current situation so that appropriate measures can be taken to update the system's hardware and software for maximum security and performance.

This system's present situation:

This 64-bit version of Windows has been updated for full awareness of both the Spectre and the Meltdown vulnerabilities. If the system's hardware (see below) has also been updated, this system will not be vulnerable to these attacks.

This system's hardware has been updated with new features required to allow its operating system to protect against the Spectre vulnerabilities and/or to minimize their impact upon the system's performance. (Protection from the Meltdown vulnerability does not require BIOS or processor updates.)

This system's Intel processor provides high-performance protection from the Meltdown vulnerability. A properly updated operating system will be able to provide protection without significant system slowdown.

This system's Intel processor provides high-performance protection from the Meltdown vulnerability, but this version of Windows is not taking advantage of those features to offer that protection without performance penalties. (It could and should!) You may wish to consider disabling this system's Meltdown protection until it is offered at lower system performance cost.

Due to the potential performance impact of these vulnerability protections, which may be particularly burdensome on older hardware and operating systems that cannot be updated, either one or both of these protections may be disabled with Windows registry settings. This system's "protection disable" is currently set as follows:

The system's registry is configured to enable both of the Spectre and Meltdown protections. Within the bounds of any limitations described above, Windows will work with the system's processor to prevent the exploitation of these vulnerabilities.

Guidance & Observations

The Windows OS installed on this young Intel-based system is employing the slowest approach for preventing Meltdown vulnerability attacks despite the fact that this system's modern processor does support high-speed prevention. This is something that Microsoft could fix if they chose to. (They did it for the latest Windows 10.) The question is: Will they step up and do what they should? or will they use this as additional pressure to push users where they clearly do not wish to go?

When enabled and active, both of these vulnerability protections come at some cost in system performance, and Meltdown attack protection may be quite expensive on older systems or under versions of Windows where Microsoft has not bothered to implement high-speed solutions. If this system's performance is more important than security, either or both of the vulnerability protections can be disabled to obtain greater performance.

When InSpectre is run with elevated administrative privilege, each button below toggles its respective protection on or off. Any changes will take effect after the system is restarted. Each button will be disabled if its protection is not available to be changed.

For more information see GRC's InSpectre web page

Copyright © 2018 by Gibson Research Corporation
 
Last edited:
kiriakost said:
What you classify as limitation or a problem, this is solely your own assumption, and I do not have any plans so to help you, about to change it.

But this topic it did motivated me, to check my system.
I have In-Spectre protected latest BIOS, I did personally request the file from Gigabyte , 45 days ago.

Regarding statistics, the screenshot of my system, this represents of how a fully patched and modern system, this should look like.
And I am damn happy about it.




View attachment 239661



In early 2018 the PC industry was rocked by the revelation that common processor design features, widely used to increase the performance of modern PCs, could be abused to create critical security vulnerabilities. The industry quickly responded, and is responding, to these Meltdown and Spectre threats by updating operating systems, motherboard BIOSes and CPU firmware.

Protection from these two significant vulnerabilities requires updates to every system's hardware-its BIOS which reloads updated processor firmware-and its operating system-to use the new processor features. To further complicate matters, newer processors contain features to minimize the performance impact of these important security improvements. But older processors, lacking these newer features, will be significantly burdened and system performance will suffer under some workloads.

This InSpectre utility was designed to clarify every system's current situation so that appropriate measures can be taken to update the system's hardware and software for maximum security and performance.

This system's present situation:

This 64-bit version of Windows has been updated for full awareness of both the Spectre and the Meltdown vulnerabilities. If the system's hardware (see below) has also been updated, this system will not be vulnerable to these attacks.

This system's hardware has been updated with new features required to allow its operating system to protect against the Spectre vulnerabilities and/or to minimize their impact upon the system's performance. (Protection from the Meltdown vulnerability does not require BIOS or processor updates.)

This system's Intel processor provides high-performance protection from the Meltdown vulnerability. A properly updated operating system will be able to provide protection without significant system slowdown.

This system's Intel processor provides high-performance protection from the Meltdown vulnerability, but this version of Windows is not taking advantage of those features to offer that protection without performance penalties. (It could and should!) You may wish to consider disabling this system's Meltdown protection until it is offered at lower system performance cost.

Due to the potential performance impact of these vulnerability protections, which may be particularly burdensome on older hardware and operating systems that cannot be updated, either one or both of these protections may be disabled with Windows registry settings. This system's "protection disable" is currently set as follows:

The system's registry is configured to enable both of the Spectre and Meltdown protections. Within the bounds of any limitations described above, Windows will work with the system's processor to prevent the exploitation of these vulnerabilities.

Guidance & Observations

The Windows OS installed on this young Intel-based system is employing the slowest approach for preventing Meltdown vulnerability attacks despite the fact that this system's modern processor does support high-speed prevention. This is something that Microsoft could fix if they chose to. (They did it for the latest Windows 10.) The question is: Will they step up and do what they should? or will they use this as additional pressure to push users where they clearly do not wish to go?

When enabled and active, both of these vulnerability protections come at some cost in system performance, and Meltdown attack protection may be quite expensive on older systems or under versions of Windows where Microsoft has not bothered to implement high-speed solutions. If this system's performance is more important than security, either or both of the vulnerability protections can be disabled to obtain greater performance.

When InSpectre is run with elevated administrative privilege, each button below toggles its respective protection on or off. Any changes will take effect after the system is restarted. Each button will be disabled if its protection is not available to be changed.

For more information see GRC's InSpectre web page

Copyright © 2018 by Gibson Research Corporation
Click to expand...
As I understand it, for a better "balance of performance" and "medium" security, you can enable Specter protection and disable Meltdown. I recently upgraded from I7 2600k to 10400f, and on my old processor and motherboard configuration (which miraculously still works), this program displayed the same thing as you, i.e. both protections have been enabled and the firmware has been updated. Although I did not update the BIOS (no updates were released for 7 years). And the results were as follows:

t_2iW6sYD3U.jpg
8DoPwNB07fA.jpg

After
fRv31oq3Zy0.jpg

 
To be honest, I am totally unaware, of how my system this get software level patched.
Microsoft did not do it, due windows updates patch (I am in control of this).
But now I am suspecting driver file install which came from automatic driver update, as soon it was detected the Z87 chip-set.

The description performance-loss, this is unclear, I have Microsoft training IT server.
Usual Microsoft applications as is MS Office, along third party Adobe Photoshop, or even my web-design software, they all work super fast.
My game for on-line gaming this produces very fast FPS.
Therefore I do not have any proofs that the what ever negative impact this is a true problem.

The software report speaks about greater loss at Win 7, and no loss at Win 10.
I am using Win7 and I do not see the problem. :)
 
kiriakost said:
To be honest, I am totally unaware, of how my system this get software level patched.
Microsoft did not do it, due windows updates patch (I am in control of this).
But now I am suspecting driver file install which came from automatic driver update, as soon it was detected the Z87 chip-set.

The description performance-loss, this is unclear, I have Microsoft training IT server.
Usual Microsoft applications as is MS Office, along third party Adobe Photoshop, or even my web-design software, they all work super fast.
My game for on-line gaming this produces very fast FPS.
Therefore I do not have any proofs that the what ever negative impact this is a true problem.

The software report speaks about greater loss at Win 7, and no loss at Win 10.
I am using Win7 and I do not see the problem. :)
Click to expand...
In that case, I think i don't need to worry about it. Thanks!
 
Bunch of tests written with code that does not use a single INTEL CPU natively supported command set.
This is why the guys of Linux they should keep a distance from us using windows.
We do not care of RAW calculation tests.

But it was fun reading about the Java test = no impact at web browsers either.
 
kiriakost said:
Bunch of tests written with code that does not use a single INTEL CPU natively supported command set.
This is why the guys of Linux they should keep a distance from us using windows.
We do not care of RAW calculation tests.
Click to expand...
non-sense you don't know what you are talking about the intel specific instruction sets have nothing todo with spectr
its the way cpu architecture is designed is NOT an instruction set or ANY software

the perf hit is real and is generally 15-30% depending on the platform and workload I don't give a flying guy fawks if you believe it or not you can't argue with the benchmarks
this has been tested repeatedly by multiple sources on multiple cpus
 
OneMoar said:
non-sense you don't know what you are talking about the intel specific instruction sets have nothing todo with spectr
its the way cpu architecture is designed is NOT an instruction set or ANY software

the perf hit is real and is generally 15-30% depending on the platform and workload I don't give a flying guy fawks if you believe it or not you can't argue with the benchmarks
this has been tested repeatedly by multiple sources on multiple cpus
Click to expand...

I do not trust your sources.. for as long they use their own hand made routines and not widely known benchmarks.
 
kiriakost said:
I do not trust your sources.. for as long they use their own hand made routines and not widely known benchmarks.
Click to expand...
that is your problem not mine
live in ignorance I care not to waste anymore time here
 
Status
Not open for further replies.
Back
Top