There is a new transient execution attack known as Downfall, which more technical readers may know as Gather Data Sampling (GDS). On affected CPUs, this vulnerability can be used to infer data across security boundaries such as virtual machines, processes, trusted execution environments, and the user-kernel boundary.
Luckily, there are ways to mitigate the Downfall vulnerability, so let us explain what needs to be done here.
How to mitigate the Downfall vulnerability in Windows
To mitigate this issue, which is linked to CVE-2023-40982, you must first install the Intel Platform Update (IPU) 23.3 microcode update. Once this is done, you need not take further action.
How to disable the Downfall mitigation?
For those who do not consider Downfall or GDS to be part of their threat model, we suggest disabling the mitigation in a bare-metal environment. This task is easy, and the steps are explained below.
Before disabling Downfall, please ensure the following are installed:
- On supported Windows 10 and Windows 11 environments, you must have installed the Windows update dated on or after August 22, 2023.
- On supported Windows Server environments, you must have installed the Windows update dated on or after September 12, 2023.
Now, once the proper update for Windows is installed on your computer, you must open the registry editor and set the following feature flag:
Registry location:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management
Value name: FeatureSettingsOverride
Value type: REG_DWORD
Value data: 0x2000000 (hex)
Bear in mind that if the value does not exist in the registry, you must run the following command to disable the Downfall mitigation (33554432 is the decimal form of 0x2000000):
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 33554432 /f
Things should be fine going forward.
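The `reg add` command above writes the whole value, so if FeatureSettingsOverride already holds other flags they are replaced. The PowerShell below is an added example, not part of the original article; it assumes the value is a bit field, and the function names (`Get-OverrideValue`, `Test-GdsMitigationDisabled`, `Set-GdsFlag`) are hypothetical. It audits the current state and sets or clears only the 0x2000000 flag.

```powershell
# Added example, not from the original article. Run from an elevated prompt.
# Assumption: FeatureSettingsOverride is a bit field, so the Downfall flag is
# OR-ed into (or cleared from) whatever is already stored there.
$Path    = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management'
$Name    = 'FeatureSettingsOverride'
$GdsFlag = 0x2000000   # value data from the article (33554432 decimal)

function Get-OverrideValue {
    # Current DWORD as Int32, or $null when the value does not exist.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return $item.$Name
}

function Test-GdsMitigationDisabled {
    # True only when the Downfall flag bit is present in the stored value.
    $value = Get-OverrideValue
    return ($null -ne $value) -and (($value -band $GdsFlag) -ne 0)
}

function Set-GdsFlag {
    param([Parameter(Mandatory)][bool]$Disabled)
    $old = Get-OverrideValue
    if ($null -eq $old) {
        # Do not create the value just to clear a bit that was never set.
        if (-not $Disabled) { return 'Value absent; nothing to clear.' }
        $old = 0
    }
    # Touch only the Downfall bit; every other bit keeps its current state.
    $new = if ($Disabled) { $old -bor $GdsFlag } else { $old -band (-bnot $GdsFlag) }
    Set-ItemProperty -Path $Path -Name $Name -Type DWord -Value $new
    return ('{0}: 0x{1:X8} -> 0x{2:X8}' -f $Name, $old, $new)
}

# Audit only; the write calls are left commented out on purpose.
"Downfall flag set in ${Name}: $(Test-GdsMitigationDisabled)"
# Set-GdsFlag -Disabled $true    # set the flag, keeping other bits
# Set-GdsFlag -Disabled $false   # clear the flag again, keeping other bits
```

Running the audit line across a fleet shows which hosts carry the flag, which is useful when the mitigation is expected to stay enabled.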