• Competitor rules

    Please remember that any mention of competitors, hinting at competitors or offering to provide details of competitors will result in an account suspension. The full rules can be found under the 'Terms and Rules' link in the bottom right corner of your screen. Just don't mention competitors in any way, shape or form and you'll be OK.

Disable Intel Security Patches For Extra Performance

Dicehunter

Dicehunter

Dicehunter

Soldato
Joined
19 Feb 2007
Posts
15,176
Location
Area 18, ArcCorp
So I was chatting with a friend this morning and he stumbled across a post on Reddit about a chap that put up instructions on how to disable/re-enable security mitigations, Apparently after disabling them, It works on the OS level via a batch file and disables ALL of them, He gained 10FPS playing at 1080P in 1 of the Civ games.

May be worth a look for people wanting to get the most out of their Intel chips on a non critical system i.e no bank details, Passwords etc....

Make a batch file with the following: @Echo off reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 3 /f reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f

It disables all the mitigations, and likely will for the future mitigations that Microsoft will publish. Run this batch file as administrator.

If you want to turn everything back on, make a batch file with the following: @Echo off reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 72 /f reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f

In case you wish to turn on all mitigations, and additionally disable HT, then replace "72" on the 3rd line with "8264".
Click to expand...

I can't test this myself yet as I'm away until Tuesday but will be interesting to see results.
 
Last edited:
Dicehunter said:
So I was chatting with a friend this morning and he stumbled across a post on Reddit about a chap that put up instructions on how to disable/re-enable security mitigations, Apparently after disabling them, It works on the OS level via a batch file, He gained 10FPS playing at 1080P in 1 of the Civ games.

May be worth a look for people wanting to get the most out of their Intel chips on a non critical system i.e no bank details, Passwords etc....



I cant test this myself yet as I'm away until Tuesday but will be interesting to see results.
Click to expand...

I just use InSpectre :P
 
https://www.majorgeeks.com/files/details/manage_speculative_execution_settings_script.html

"
OJZvSzr.png
"
 
Dicehunter said:
May be worth a look for people wanting to get the most out of their Intel chips on a non critical system i.e no bank details, Passwords etc....
Click to expand...

If you trust the software on your machine on the average home user's setup then aside from browser mitigations the rest aren't really doing much anyhow - and if you are running untrusted software than there are far easier ways for malware to exploit your system than using any of these side-channel exploits.

The main exposures are "shared cloud computing resources, or using JavaScript on a malicious website or advertisement" so as long as you have browser mitigations and aren't running things like remote accessible VMs, etc. there is little in the way of exposure to arbitrary remote code execution or other data snooping on the average home PC from Spectre/Fallout.

If you are running software of dubious source, etc. there are, especially if running Windows 10 without some recent updates like KB4512508 and KB4507469, dozens of easier to exploit weaknesses to gain access and elevate privileges internally so as to read data from "protected" areas and that doesn't matter what CPU you are on.
 
Rroff said:
If you trust the software on your machine on the average home user's setup then aside from browser mitigations the rest aren't really doing much anyhow - and if you are running untrusted software than there are far easier ways for malware to exploit your system than using any of these side-channel exploits.

The main exposures are "shared cloud computing resources, or using JavaScript on a malicious website or advertisement" so as long as you have browser mitigations and aren't running things like remote accessible VMs, etc. there is little in the way of exposure to arbitrary remote code execution or other data snooping on the average home PC from Spectre/Fallout.

If you are running software of dubious source, etc. there are, especially if running Windows 10 without some recent updates like KB4512508 and KB4507469, dozens of easier to exploit weaknesses to gain access and elevate privileges internally so as to read data from "protected" areas and that doesn't matter what CPU you are on.
Click to expand...

Very interesting thanks for the info :)
 
We haven't seen exploits rolled out on mass yet. If people start disabling critical security fixes it will only be a matter of time before we do.
 
You must log in or register to reply here.
Back
Top Bottom