As the world’s biggest computer companies release a wave of software upgrades to fix the big chip security flaws that became public last week, users have feared slowdowns in computers, games, browsers and phones.
Microsoft on Tuesday suspended some of its required updates after there were reports that on some computers running Advanced Micro Devices processing chips, the patches caused the computers to stop working. On others, it warned users might experience a slowdown.
How can you tell if an hour-glassing website or program is result of the upgrade? Really, there’s no simply way to check if a patch is affecting your performance — but according to experts the chances are it’s not the culprit.
On most systems being run by home users, the slowdowns are probably due to more mundane problems.
“The issues being reported could be placebo effect. Users love to blame the latest update on why their system seems slower,” said Chris Goettl, a product manager at Utah-based software company Ivanti.
Older software and chips will take the biggest hit, Microsoft said. In a blog post it said that in computers running the Windows 8 and Windows 7 operating systems on Intel central processing unit chips from 2015 and before “we expect most users to notice a decrease in system performance.”
The biggest issue for Windows users is that Microsoft no longer supports extremely old versions of Windows such as Windows XP and Windows Vista, so no patches will be forthcoming.
That’s a problem because globally a large number of businesses still run this software on at least some of their computers. A full 42% of businesses run Windows XP on at least one machine and 7% run Windows Vista somewhere, according to Spiceworks, a Texas-based company that makes software that lets businesses catalog what software they have installed.
“Organizations understand the risks, but in some cases there’s just simply no alternative or insufficient funds or resources or time to move away from these older systems. Maybe they have an old printer or machine that had controller software that was locked to a certain piece of software,” said Peter Tsai, a senior technology analyst at Spiceworks.
The Spectre and Meltdown vulnerabilities revealed last week by Google researchers and Intel was broad and reached back decades. The flaws affect devices with certain Intel, AMD and ARM chips and make it possible for hackers to access information previously considered secure. Companies have been scrambling to push out patches that protect against flaw before hackers attack.
In some cases, companies say, these patches create workarounds that can slow the overall functioning of the program.
Corporate systems that require a lot of network time and involve information moving in and out of devices could definitely be affected, said Satya Gupta, chief security officer at security firm Virsec.
However, for most regular users the slowdowns won’t be noticeable.
“On my own systems, I had patched to current and I had not noticed any appreciable hit to performance when tracking the memory usage on the systems. For some, perception can be nine-tenths of reality,” said Dave Lewis, global security advocate for content delivery network Akamai.
Apple systems appear to have been relatively unaffected. In a blog post Tuesday the company said that when it tested updates to its operating systems, it found no measurable reduction in the performance of the operating system.
The company did released updates for its web browser Safari and in some versions found a slight slowing of 2.5% or less.
As for the patches slowing down how fast web browsers work, typical Internet variables like bandwidth, latency, congestion, and more will all have much more impact than these patches.
“The impact of Meltdown and Spectre patches to browsers should not be significant or observable to the average computer user,” said Chris Webber, security strategist at security firm SafeBreach.