Patched Desktop PC: Meltdown & Spectre Benchmarked

After our first tests of the Meltdown Patch for Windows 10, we are investigating the matter in more detail today by testing a patched desktop system, fixing the two known vulnerabilities Meltdown and Specter, and applying the patch at the operating system level and a firmware update, more precisely a motherboard BIOS update.

If you read our previous article on the subject, it came within 24 hours of the release of the Windows 10 emergency patch, which is intended to address the meltdown vulnerability. We ran tests that made sense from a desktop user's perspective and found that there was virtually no impact on game performance and no impact on content creators. However, there have been some troubling results for NVMe storage devices that mainly affected 4K read performance. Since then, other tech media colleagues have published similar results.

However, the Windows patch has only dealt with meltdown, and you are no doubt familiar with the second vulnerability called Specter. Since Specter is the result of a fundamental flaw in the CPU design, at least it cannot be fixed completely. The firmware update required to resolve the issue alleviates the problem but does not fully address the vulnerability.

This is still mostly an Intel CPU error. AMD's official word is that one of the two Specter variants doesn't affect them at all, while the one who does so can easily be fixed by a software update that shouldn't affect performance in any meaningful way. The variant "three", which is meltdown, has no effect on AMD. We haven't properly tested an AMD CPU ourselves, but this is based on the official information we have so far.

Since the release of the meltdown benchmark, we now have access to BIOS updates that provide a microcode update that fixes the Specter bug on Intel's latest Z370 platform. The update changes the behavior of the Intel branch prediction to be less aggressive. This probably means less effective branch prediction and less IPC because the execution pipelines are waiting for memory access more often.

Of course, we'll get to the benchmarks in a moment, but before we do that, here are some additional pointers. Asus is currently the only motherboard manufacturer to release an update. So far, they have only addressed their Z370 series motherboards. To complete this test, we stormed out the door and bought an Asus TUF Z370-Plus Gaming.

Once we had that on hand, we tested the Core i3-8100 without the Windows update, then a second time with the Windows patch applied, and then a third time with the Windows update and the latest BIOS that tested the microcode -Update contains. We also included some updated Core i7-8700K benchmarks.

For verification, after installing the Windows update, you can install a PowerShell script called Speculation Control that can be used to verify that the update has been applied properly by running the Get-SpeculationControlSettings command. With just the Windows update that deals with meltdown, you should see the following: All three requirements for loading meltdown, a.k.a. Rogue data caches are illuminated in green and set to "True":

Only operating system support is available for the Specter (Branch Target Injection) vulnerability, but it is not yet enabled because the microcode update is still required. After updating the BIOS with the required version, you should see the following:

With this brief update, it's time to do some testing, starting with the Core i3-8100's results. Note that all results are based on an average of at least three runs.


First we have the results of the Core i3 Cinebench R15 and very little has changed here. After the pre-update, we see less than 2% less multi-thread score and 1% less for the single-thread test error margin.

This is a little more interesting. The Windows patch plus BIOS update was consistently 3% slower than the previously tested configurations. Please note that lower is better for this test as we measure the time it takes to complete a rendering. The BIOS update cost us 9 seconds, but as I said, overall a very slight reduction in performance.

Once again, the Excel workload remains unchanged. We see the same completion time of 6 seconds, so there is nothing to report here.

As the Blender rendering test progressed, all configurations took 58 seconds to complete the test.

When testing with VeraCrypt, we did not notice any real difference in performance. The results of AES encryption and decryption are largely the same.

Next we have 7-zip and here we see no noticeable drop in performance with the Windows and BIOS updates applied.

Leave a Reply

Your email address will not be published. Required fields are marked *