Following the alert issued by Intel on the threat of Microarchitectural Data Sampling (MDS) attacks likely affecting computer systems running on 7th-gen Intel CPUs and below, Apple has indicated that the mitigation measure now available may lead to performance dips for Mac users. The solution involves the disabling of Intel's Hyper-Threading feature that can prevent the processor from working at an optimal level.
According to Apple, the performance reduction can be up to 40 percent in terms of public benchmarks and multi-threaded workload. However, the company also clarified that the real-world impact of the MDS mitigation will be unique for every system.
"Actual results will vary based on model, configuration, usage, and other factors," the tech giant said in an advisory provided to customers.
Apple reminded too that the mitigation is hardly required on machines running macOS 10.14.5 since the OS version contains all the patches that closed the door on the possibility of exploiting the identified vulnerabilities.
Along this line, the company said the full mitigation was switched off by default and the decision was left for users to switch the solution on. They will be the judge on what matters most when working on their Mac units. Is security their number one priority or the ready availability of full-performance capability?
To favor the former, it's best to consider first that opting for the high-level of system defense will lead to a dramatic performance dip that for most users will be unacceptable. And more so if they consider the fact that the risks entailed by the MDS vulnerabilities are mostly theoretical, 9to5Mac said in a report.
Apple said that as of writing, there are no known attacks designed to take advantage of the exploits' possible existence on Mac systems. If anything, the security concern is more pronounced on a specific set of users that regularly handle sensitive data such as high-level corporate executives and ranking government officials, the report added.
For the average users who opted to enjoy maximum performance delivery on their Macs, Apple said the most practical form of mitigation is to keep off from applications not found on the App Store.
For its part, Intel has made clear that deactivating Hyper-Threading is not the ultimate solution for the MDS exploits. The chipmaker agreed with Apple that not using the feature will lead to performance degradation so it is not a recommended course of action.
However, for those who value security more than performance when using macOS, the following steps should be helpful, courtesy of Tom's Hardware:
- Turn on or restart your Mac and immediately press and hold Command (⌘)-R or one of the other macOS Recovery key combinations on your keyboard.
- From the Utilities menu in the menu bar, choose Terminal.
- Type the following two commands, one at a time, at the Terminal prompt. Press Return after each one:
nvram boot-args="cwae=2"
nvram SMTDisable=%01
- From the Apple menu, choose Restart.
