Spectre Variant 4 is a new threat that has been disclosed by both Microsoft and Google. While Intel is still working on the microcode in order to release BIOS updates, Windows 10 update has been released in order to patch the issue. Spectre Variant 4 affects Intel CPUs and these include the latest 8th generation Coffee Lake series as well.
Intel has claimed that it will release chips that will not be affected by these threats before the end of the year but we have yet to see what these chips are. The Spectre Variant 4 update for Windows 10 does not affect performance on its own but if SSBD is turned on (necessary steps for remediating vulnerabilities) then there will be a performance loss according to Microsoft testing.
The extent of the loss depends on multiple factors including but not limited to motherboard use and type of workload. Installing updates from Intel itself will result in performance losses but for the sake of security, it is advised that you install all the updates and patches. The Windows DNSAPI Remote Code Execution Vulnerability is described as follows:
This bug clearly wins for most critical this month. This vulnerability could allow an attacker to execute code at the local system level if they can get a crafted response to the target server. There are a couple of ways this could happen. The attacker could attempt to man-in-the-middle a legitimate query. The more likely scenario is simply tricking a target DNS server into querying an evil server that sends the corrupted response – something that can be done from the command line. It’s also something that could be easily scripted.
Spectre and Meltdown have been causing issues for Intel ever since they were first uncovered. Interestingly Intel told China about these threats before anyone else. Other than that Spectre Variant 4 is not the end. There are other issues as well that have not been disclosed yet. We will learn more about these other issues in the upcoming weeks so stay tuned for updates regarding them.
We should have more information regarding the extent of the performance loss when the Intel fix is released and we can compare the performance between the same hardware before and after the Spectre Variant 4. Till then, it seems that we will have to wait and take Microsoft’s word.