Microsoft released their performance impact analysis from the Spectre patches. For Windows 10 users with recent Intel silicon it doesn’t appear to be all that detrimental. Get into older Intel offerings and the performance dip is “significant”. This is even more pronounced on the Windows Server side. Basically Microsoft is saying there’s a big performance difference after the patch, but that rolling it out will depend on how much unsecured code is run on the individual server. It’s the corporate equivalent of ¯_(?)_/¯ .
Given Microsoft’s response, it’s not surprising to see VMware-based tools rolling up updates to help analyze vulnerability on virtualized servers. Runecast recently updated its Analyzer to do just that, providing an bit fat “Analyze” button, with Spectre and Meltdown related vulnerabilities understandably classified as critical. This can give admins an easy way to know to roll out ESXi host patches where needed.
I assume we’ll see a raft of these announcements coming out for a variety of platforms and monitoring tools. But it’s nice to see Runecast aggressively out front.