Microsoft is taking the surprise step of detailing how Spectre and Meltdown firmware updates may affect PC performance. The tech industry has been scrambling to issue updates to protect against the two CPU security flaws over the past week, and there have been many reports of potential performance issues. The good news is that for modern PCs running Windows 10, most consumers won’t notice a significant difference. If you’re on an older machine, particularly a Windows 7 or Windows 8 one, then there are going to be some noticeable performance changes.

According to Microsoft, Intel Haswell processors and older will be impacted the most by a series of firmware updates designed to protect against the Spectre CPU security flaw. Intel has been working with PC makers to ready firmware updates, but it’s fair to say most machines do not have these installed just yet. These updates will impact PC performance, but the level of impact depends on what that PC is doing and how old it is. Microsoft warns that most benchmarks we’ve seen reported “do not include both OS and silicon updates.”

Old Windows 7 and Windows 8 machines will be the most impacted

In a blog post from Windows chief Terry Myerson, Microsoft reveals that Windows 10 machines running Skylake, Kaby Lake, or newer processors have been benchmarked to show “single-digit slowdowns” and that the company doesn’t expect “most users to notice a change because these percentages are reflected in milliseconds.”

Windows 10 machines running older processors like Haswell “show more significant slowdowns, and we expect that some users will notice a decrease in system performance,” says Myerson. The same older Haswell machines running Windows 7 or Windows 8 will also experience slowdowns that Myerson says “most users” will notice.

Windows 7 and Windows 8 will be the worst hit simply because these older operating systems have features like kernel-level font rendering that will be impacted by the Spectre and Meltdown mitigations even further than Windows 10. Regardless, Microsoft says on Skylake or newer chips “Intel has refined the instructions used to disable branch speculation to be more specific to indirect branches, reducing the overall performance penalty of the Spectre mitigation.”

Windows 10 running on Skylake, Kaby Lake, or newer CPUs shows “single-digit slowdowns” in benchmarks, but most users shouldn’t expect to see noticeable slowdowns

Windows 10 running on Haswell or older CPUs “show more significant slowdowns” and “some users will notice a decrease in system performance”

Windows 7 or Windows 8 running on Haswell or older CPUs means “most users will notice a decrease in system performance”

Microsoft is telling IT admins not to patch servers if they want to run the risk

Microsoft also warns that Windows Server running on any silicon, especially if the server task is I/O intensive, “shows a more significant performance impact when you enable the mitigations to isolate untrusted code within a Windows Server instance.” Microsoft is essentially warning server customers to make a tricky choice between security and performance. “This is why you want to be careful to evaluate the risk of untrusted code for each Windows Server instance and balance the security versus performance tradeoff for your environment,” says Myerson.

It’s unusual to see Microsoft telling IT admins not to patch server systems, but the Meltdown and Spectre issues are a very unusual occurrence. If a server is only running managed code and is not open to browser attacks or other code on the system, then admins might avoid the firmware updates, but that carries obvious short-term risks and the potential for having to avoid other security firmware updates in the future.

Microsoft says firmware updates are only required to protect against what’s being described as Spectre variant 2. For Meltdown and Spectre variant 1, Microsoft has isolated kernel and user mode page tables and hardened Edge and Internet Explorer 11 to protect against JavaScript exploits. Windows updates for 41 editions of the operating system are now available, and Microsoft expects the four remaining supported editions will be patched soon.

“As you can tell, there is a lot to this topic of side-channel attack methods,” explains Myerson. “We’re also committed to being as transparent and factual as possible to help our customers make the best possible decisions for their devices and the systems that run organizations around the world. That’s why we’ve chosen to provide more context and information today and why we released updates and remediations as quickly as we could on January 3rd.”

Microsoft is understandably being transparent to avoid Windows users blaming the company for slowing their PCs down. Apple faced that exact issue with older iPhone battery slowdowns recently, and it’s something Microsoft is naturally trying to avoid. The real question now is whether Google, Apple, and others will provide similar guidance on potential performance issues for Android devices, Macs, and iPhones. Most companies have already issued software updates to protect browsers and operating systems, but there’s been little movement on the firmware updates to protect the chips themselves.

Apple has not responded to queries from The Verge about whether the company has supplied firmware updates for the A-series iPhone chips to protect against Spectre variant 2, or even if it’s required. Google’s Android situation will rely on many different phone makers, and it’s not clear how many will require firmware updates that could have potential performance impacts. Microsoft has set an example of transparency that the rest of the industry might just have to follow.