It's been described as one of the most serious PC security issues we've ever seen. Headlines have been dominated by the news that there's a serious flaw in the hardware design of Intel microprocessors, going back over 20 years and covering millions upon millions of CPUs still in use today. If your gaming PC is based around an Intel processor, it's vulnerable to the recently revealed 'Meltdown' exploit. Side by side with Meltdown is another serious security problem, dubbed 'Spectre' - which has the potential to affect your PC, smartphone or tablet, regardless of whether or not it has Intel technology at its core.
So at the very basic level, what's at risk here? Essentially, Meltdown allows malware to gain access to protected memory within your CPU, areas within your processor that should be impossible to access. Sensitive data of just about any description is potentially accessible. Spectre offers another vector in acquiring sensitive data, to the extent that, although more difficult to deploy, it may well be causing headaches months or even years from now.
In the short term, fixes are being rolled out - and more may yet follow - and the concern is that performance may be significantly impacted. Epic Games recently revealed the extent of the hit for its Fortnite gaming servers, with a revealing graph showing a huge spike in CPU utilisation once the Meltdown patches were installed. The question is to what extent the patches - such as they are now - will impact the average gaming PC.
Covering off both of the security issues requires separate updates. First of all, Windows Update patches Microsoft's OS by offering protection for Intel CPUs vulnerable to Meltdown, shunting the CPU kernel into a separate virtual address space. Secondly, a BIOS update for your motherboard aims to make the CPU's branch prediction a little less aggressive, making it more difficult for Spectre to be effective. Both of these updates have the potential to slow your PC down, but the good news here is that the overall impact measured so far in many benchmarks is in the two to three per cent range, with only storage IO on very fast devices (like NVMe solid state drives) showing noticeable performance degradation. It's a different ballgame in the enterprise sector, with CPU virtualisation clearly being affected significantly - as seen on Epic's Fortnight servers.
|Win10 Unpatched||Win10 Meltdown Patch||Win10 Meltdown + Microcode Patch|
|The Witcher 3, Ultra, No HairWorks||139.8fps||128.3fps||126.6fps|
|Rise of the Tomb Raider, Very High, DX12||121.6fps||117.2fps||121.6fps|
|Far Cry Primal, Ultra||128.4fps||127.0fps||126.2fps|
|Crysis 3, Very High||129.3fps||129.2fps||126.8fps|
|Ashes of the Singularity, CPU Test||35.3fps||35.5fps||35.6fps|
|Assassin's Creed Unity, Ultra High||131.1fps||131.2fps||130.3fps|
Regardless, we wanted to test the impact of the patches ourselves, so we chose the Core i5 8400 as our test subject, comparing our existing benchmark data firstly with the same titles running the Meltdown Windows PC patch, and secondly with the Spectre-specific firmware update in place. Asus has been speedy in supplying microcode updates, and we used a Maximus 10 Hero mainboard based on the new Z370 chipset for our test system.
The table above corroborates the generally accepted view that gaming isn't unduly affected to a noticeable degree in most scenarios. However, we've been gradually experimenting with how CPUs should be tested for gaming performance over the last couple of years and we still aren't entirely happy with the methodology. Actually discovering areas of a game that are CPU-bound is a challenging task in itself, even with our current method of pairing the processor with an overclocked Titan X Pascal, and running the game at 1080p resolution. The idea here is to push CPU performance and memory bandwidth to the forefront, ahead of the GPU - gaming's primary limiting factor. However, even here, we've found that different in-game areas and rendering scenarios can lessen or widen the difference between processors.
That said, five of the six tests here can push a quad-core, four-thread Intel CPU to full 100 per cent utilisation (the exception being Far Cry Primal, which relies heavily on single core power), but there is more leeway with the six-core i5 8400. What we found is that even with both patches in place, some games show no real difference at all - Ashes of the Singularity's punishing CPU benchmark remains completely consistent across all three of our test runs, as does our Notre Dame run through Assassin's Creed Unity, where any difference vanishes into the margin of error. The CPU-heavy Crysis 3 sails through the Meltdown test with no appreciable hit to performance, with the Spectre microcode update only hitting performance by two per cent. Far Cry Primal? Deduct 1fps for each of the security upgrades you install.
The Meltdown patch caused a 3.6 per cent hit to our test run through Rise of the Tomb Raider's Geothermal Valley, rising to 4.2 per cent with the BIOS update installed. However, our Witcher 3 test run - which hits storage hard and thrives on memory bandwidth - is hit comparatively hard, losing 8.2 per cent of its performance, rising to 9.4 per cent with the Spectre-orientated BIOS microcode update. Interestingly, re-running the test on a (slower) Core i7 4790K only saw a performance hit of three per cent (although no BIOS update was available for our Z97-based system, meaning only the Meltdown patch could be tested).
What we have at the moment is only a small sliver of data on what may well be just the first of a range of patches, but in the here and now, there's good news and bad news.
The good news is that performance is holding up: our tests here artificially push CPU performance to the forefront in a world where the GPU is the primary limiting factor in gaming. And even here, only one game sees an appreciable hit to performance and even that is in one part of a very well-optimised game that we've specifically chosen for CPU stress-testing. Most of The Witcher 3 plays much more smoothly.
The bad news is Spectre. First of all, the full extent of the issue and its potential exploitation could mean that it's an issue for years to come, but in the short term, the question is the extent to which microcode updates will roll out to older systems - and by extension, whether mainboard manufacturers will patch up older generation CPUs. In a world where vintage-2011 Sandy Bridge processors like the classic Core i5 2500K are still widely used in gaming PCs, should users now take the opportunity to upgrade? Alternatively, with so many of these CPUs in use, maybe Intel and the mainboard manufacturers have a duty to ensure that these systems are as secure as they can possibly be? We'll be following the situation closely over the following weeks and months as the full extent of the issue - and the remedies deployed - come into sharper focus.