Microsoft and Intel have confirmed that virtually all processors prior to the Core Gen12 series are affected by a crash, speculative or transient boot, and side-channel attack vulnerability widely referred to as “data sampling vulnerability”, GDS for its abbreviation in English. This is not the first time that Intel has problems with this type of vulnerability, without going further, Zombieload v2, which was discovered in 2019, had a similar basis.

This vulnerability is dangerous because it can facilitate execution of attacks that terminate theft of important data from users, and from what I’ve been able to read, it mainly affects the Gather instruction, which speeds up access to memory-scattered data by also filtering the contents of an internal vector register during the speculative execution process.

Information that could be stolen by an attack exploiting this vulnerability includes from passwords to encryption keys and other important credentials such as bank credentials. I’m sure this simple summary will help you understand why Downfall is such a serious vulnerability.

The crash affects Core Gen11 and older processors. Intel Core Gen12 and Gen13 processors are not affected because features of Trust Domain eXtension (TDX) technology from Intel, which hardware isolates virtual machines by creating secure domains, which completely eliminates this vulnerability.

Intel has published a guide on its official website explaining exactly how this vulnerability works and all affected processors, including Core Gen11 and earlier up to Core Gen7. The chip giant also confirmed this has released a microcode update that fixes this vulnerabilityand that it is available in the Intel Platform Update, where it is identified as version 20230808.

The list of notes related to this update hints at a possible performance loss due to the installation of this new microcode, and Intel itself has gone so far as to state that said penalty could be in certain cases up to 50%.

With this new update, in the general consumption scenario, there are no concrete tests yet with applications typical of a common user, but the first tests conducted by Phoronix with an early correction at the end clearly showed that on average the performance reduction is quite a bit lower and that in some cases it becomes almost imperceptible.

Results obtained by said medium, using Ubuntu 22.10they were quite diverse because they oscillated between 6% and 39%depending on the processor used and each specific test and has a significant impact on workloads that rely on AVX2 and AVX512 instructions. Not too bad, especially considering that, as I said, Intel was talking about a performance reduction of up to 50%.