In the security update released to Safari last year, the Spectre vulnerability affecting the ARM architecture and Intel processors was fixed. Apple did not mention in the update log that the impact of the update on the performance of Apple devices is serious. However, the recently released macOS Mojave 10.14.5 security update has once again fixed a new speculative execution vulnerability, called Microarchitectural Data Sampling (MDS) in Intel processors.
Although this update does not have a big impact on Safari performance, Apple’s officially defined volume of Mac notebooks and desktop devices need to enable full mitigation measures to prevent malicious applications from exploiting these vulnerabilities. Complete mitigation measures require the use of terminal applications to enable additional CPU instructions and disable hyper-threading processing techniques. However, after doing this, applications that rely heavily on Hyper-Threading Technology will be affected, and performance can be reduced by up to 40%. Apple wrote:
“macOS performance: Testing conducted by Apple in May 2019 showed as much as a 40% reduction in performance with tests that include multithreaded workloads and public benchmarks. Performance tests are conducted using specific Mac computers. Actual results will vary based on model, configuration, usage, and other factors.”
If you want to enable full mitigation for MDS in macOS after installing a security update, you first need to restart your Mac to enter macOS Recovery and then enter some commands in the terminal application. The specific steps are as follows:
- Turn on or restart your Mac and immediately press and hold Command (⌘)-R or one of the other macOS Recovery key combinations on your keyboard.
- From the Utilities menu in the menu bar, choose Terminal.
- Type the following two commands, one at a time, at the Terminal prompt. Press Return after each one.nvram boot-args="cwae=2"nvram SMTDisable=%01
- From the Apple menu, choose Restart.