Intel CPU attack protection decreases 40% of Mac performance

IT security services specialists reported the emergence of new variants of speculative execution exploiting the architecture of Intel CPUs. Because of this the Apple security team published a document explaining to the most prone customers the method to enable complete mitigation for this security issues.

This protection is not enabled by default because of the high system resource consumption, which significantly impacts the performance of users’ computers.

The company detected a drop of up to 40% in equipment performance after the mitigation was fully activated. This is because enabling this feature (MDS vulnerability protection) requires disabling the Intel Hyper-Threading technology completely, and additional barriers need to be added at various stages of the processor.

However, most Apple users do not need to enable full mitigation, as macOS 10.14.5 already includes patches to fix problems such as JavaScript attacks via the Safari browser; the fixes were released for this version because of their limited impact on system performance.

The IT security services specialists add that enabling full mitigation can be useful to users who handle confidential information, such large companies’ executives, activists, government members, etc.

It is worth mentioning that there is still no evidence of these attacks against Apple equipment in the wild, so it is considered a risk only at the theoretical level at the moment; still, the company recommends its users to install only the software distributed through official platforms. 

According to the IT security services specialists from the International Institute of Cyber Security (IICS), to enable full protection users should:

  • Restart their Mac and press the Command key and the R key to enter the macOS recovery mode
  • Open the Terminal from the Utilities menu
  • Enter the command nvram boot-args = “Cwae = 2″ and press Return
  • Enter the command ‘nvram SMTDisable =% 01’ and press Return
  • Restart the Mac

Additional details are available on Apple’s official website. Devices like iPhone or iPad are not exposed to speculative execution exploitation issues.