Patches for Intel security holes ZombieLoad eat performance. Apple said that patches on Mac were up to 40 percent decrease in performance.
ZombieLoad Patch is a performance eater
The Intel vulnerability that was recently announced under the name ZombieLoad can only be fixed with very drastic actions. Influenced by a very large sidechannel attack from Intel Core i and the Xeon family. In this case, exploits can record data running on the same core processor in other programs. It works independently of the operating system. For example, virtual machines are also affected indefinitely, as shown by the Cyberus Technology company, one of the gap seekers, impressively in a video. Hyperthreading models are particularly vulnerable, because exploits and processes that are accessed will share a large number of resources.
This is especially problematic for data center servers. There are often many examples of virtual different owners running on the same hardware. Attackers can eavesdrop on other virtual machine processes with relative ease. Besides ZombieLoad, there are also other vulnerabilities mentioned by Intel MDS that are based on the same principle. However, patches for this hole are also a performance problem. So they often suggest that hyperthreading is completely disabled.
Apple: Macs with patches up to 40 percent slower
How powerful the deadly Hyperthreading on hardware performance can affect, has now confirmed Apple. The iPhone maker shows in the document what support to do to protect against sidechannel attacks such as ZombieLoad. So Apple recommends turning off hyperthreading on Mac. This can be activated via options with MacOS 10.14.5 and the latest security updates 2019-003 for macOS 10.13 High Sierra and macOS 10.12 Sierra. This option is disabled by default, and for good reasons. In addition to individual adjustments, only Hyperhreading is lost. The company acknowledges that this is not without performance losses. Users can expect performance of up to 40 percent less than their Mac, depending on their workload.