Both Microsoft and the Linux kernel teams have added ways to disable support for Intel Transactional Synchronization Extensions (TSX).

TSX is the Intel technology that opens the company's CPUs to attacks via the Zombieload v2 vulnerability.

Zombieload v2 is the codename of a vulnerability that allows malware or a malicious threat actor to extract information processed inside a CPU, information to which they normally shouldn't be able to access due to the security walls present inside modern-day CPUs.

This new vulnerability was disclosed earlier this week. Intel said it would release microcode (CPU firmware) updates -- available on the company's Support & Downloads center.

But, the reality of a real-world production environment is that performance matters. Past microcode updates for other attacks, such as Meltdown, Spectre, Foreshadow, Fallout, and Zombieload v1, have been known to introduce performance hits of up to 40%.

Seeing that all the CPU attacks listed above are not only theoretical but also hard to pull off, some companies don't see this performance hit as an option.

Many skip on applying the microcode updates, or even if they do, they also disable the technology that allows the attack surface, if they're not using it, just to be sure they're not impacted by any attacks or performance slowdowns.

Earlier this week, Microsoft published guidance on how system administrators can do so with Intel's TSX, using registry keys.

They can disable TSX via the following registry setting:

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel" /v DisableTsx /t REG_DWORD /d 1 /f

When they need TSX again, they can re-enable it via the following:

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel" /v DisableTsx /t REG_DWORD /d 0 /f

On Linux systems where administrators have applied Intel's microcode updates, there is also now a model-specific register (MSR) that can be used to disable TSX. Details here.

TSX has been shipping with Intel CPUs since the release of the Haswell line in 2013. According to Intel's official security advisory, the following CPU series are impacted: