Mitigation for the Downfall vulnerability in Windows
Mitigation for the Downfall vulnerability is available in Windows, but if you’re a power user and you absolutely need to get the very most out of your CPU, you may wish to disable the mitigation.
Microsoft reveals in its support documentation that it’s possible to disable Downfall mitigations in the operating system in order to get the best possible performance out of your CPU. While it’s worth noting that the mitigation is available only with Intel’s Platform Update 23.3 microcode update, which is currently only available to OEM systems, and won’t be available to DIY builders as a BIOS update, you’ll still be able to reap the benefits of disabling the mitigation in Windows.
Mitigation for Downfall vulnerability impacts CPU performance
Microsoft states that Downfall vulnerability mitigations are available in Windows 20.00.180907 or later. The company also says that the mitigations are available with Intel’s Platform Update 23.3 microcode update, which is currently only available to OEM systems.
“Platform Update 23.3 provides mitigations for the Gath Data Sampling (GDS) exploit,” Microsoft says. “GDS takes advantage of an architectural vulnerability in Intel® CPUs to read kernel memory (including kernel-mode and user-mode pages) without explicit permissions. The exploit uses transient execution attack to read privileged data from the operating system kernel and other programs.”
The company also says that the mitigation is available in Windows Server environments. However, it doesn’t disclose the extent of CPU performance losses with the mitigation enabled.
How to disable Downfall mitigations in Windows
Here’s how to disable the Downfall mitigations in Windows:
Alternatively, you can modify the Windows Registry with the provided hexadecimal code, though the command line option is probably the easier of the two methods.
Just make sure that you’re running the latest version of Windows and that your system has the necessary updates for the Downfall vulnerability. After that, you should be good to go.
Mitigation for Downfall vulnerability most likely affects Intel CPUs before 12th Gen Alder Lake CPUs. However, it’s always worth checking your CPU details to ensure that you’re not suffering from any performance issues as a result of the exploit.