Developer Kevin Glynn, aka "Uncle Webb," has discovered a weird Windows Defender bug that causes Intel CPUs to suffer a significant performance hit on Windows 10 or 11.
According to a Tech Power Up report, the bug causes Windows Defender to "randomly start using all seven hardware performance counters provided by Intel Core processors." That wouldn't be a big problem, according to Tech Power Up, except that Defender is randomly changing the privilege level of the counters—setting them to "mode 2"—which puts it in conflict with other software that's trying to use the counter in its typical state, "mode 3."
Uncle Webb saw his Intel Core i9 10850K take a 6% performance dip in Cinebench; he claims this can affect users with Intel Core CPUs from 2008 and on. Other instances saw Defender dinging CPU performance by around 4%. He did not see any issues on AMD Ryzen CPUs.
The wild thing is that there is no way to predict when Windows Defender will act up. Uncle Webb says it could happen on boot or any time after, and unless you are actively monitoring your CPU performance, you won't know when it happens.
There's one rather questionable way of resolving this issue should you encounter it: disabling Windows Defender. Like Tech Power Up, we wouldn't recommend this approach, since it'll leave your system vulnerable.
Uncle Webb also has developed some software that could provide a fix. The first is ThrottleStop 9.5. Once booted, hit the Windows Defender Boost option, which keeps Defender from randomly using all your CPU performance counters whenever it wants. The other is Counter Control, which does more or less the same thing. Either should allow Windows Defender to defend Windows without hurting your CPU's performance.
