Slashdot Mirror

← Back to Stories (view on slashdot.org)

AMD Is Releasing Spectre Firmware Updates To Fix CPU Vulnerabilities (theverge.com)

Posted by BeauHD on from the brushed-under-the-rug dept.

An anonymous reader quotes a report from The Verge: AMD's initial response to the Meltdown and Spectre CPU flaws made it clear "there is a near zero risk to AMD processors." That zero risk doesn't mean zero impact, as we're starting to discover today. "We have defined additional steps through a combination of processor microcode updates and OS patches that we will make available to AMD customers and partners to further mitigate the threat," says Mark Papermaster, AMD's chief technology officer. AMD is making firmware updates available for Ryzen and EPYC owners this week, and the company is planning to update older processors "over the coming weeks." Like Intel, these firmware updates will be provided to PC makers, and it will be up to suppliers to ensure customers receive these. AMD isn't saying whether there will be any performance impacts from applying these firmware updates, nor whether servers using EPYC processors will be greatly impacted or not. AMD is also revealing that its Radeon GPU architecture isn't impacted by Meltdown or Spectre, simply because those GPUs "do not use speculative execution and thus are not susceptible to these threats." AMD says it plans to issue further statements as it continues to develop security updates for its processors.

6 of 74 comments (clear)

  1. Re:NO! My Narrative! by Anonymous Coward · · Score: 5, Informative

    You are confusing Meltdown and Spectre. Meltdown: only Intel. Spectre: almost everything.

  2. Re:NO! My Narrative! by Carewolf · · Score: 5, Informative

    You are confusing Meltdown and Spectre. Meltdown: only Intel. Spectre: almost everything.

    And spectre has two variants, and the second variant doesn't affect AMD Zen processors, but does affect older AMD processors.

  3. Nice spin there Intel by 110010001000 · · Score: 5, Insightful

    AMD never said there was a near zero risk for Spectre. AMD is not affected by Meltdown. AMD and Intel affected by Spectre. Period. Stop trying to push Intels problems on AMD.

    1. Re:Nice spin there Intel by Chrisq · · Score: 4, Informative

      AMD never said there was a near zero risk for Spectre.

      To be fair they did say that there is Near zero risk of exploitation of Spectre variant 2 (Branch Target Injection):

      Variant Two Branch Target Injection
      Differences in AMD architecture mean there is a near zero risk of exploitation of this variant. Vulnerability to Variant 2 has not been demonstrated on AMD processors to date.

  4. Why are we using the Verge as a source ? by RedK · · Score: 4, Informative

    The Verge is obvioulsy a non-credible source. Or does that just apply to stories editors don't want to publish (*ahem* twitter *ahem) ?

    What a terrible article. Here Slashdot editors, a better one from a no-name site that actually gets the facts right :

    https://www.lowyat.net/2018/152301/amd-begin-distributing-firmware-updates-patch-spectre-vulnerability/

    Or just use the damn primary source :

    http://www.amd.com/en/corporate/speculative-execution

    --
    "Not to mention all the idiots who use words like boxen."
    Anonymous Coward on Monday August 04, @06:49PM
  5. Re:NO! My Narrative! by gweihir · · Score: 5, Insightful

    Also: Spectre: Pretty old news, just somebody made it more practical now.

    The only reason Spectre is pushed in the news is that Intel is desperately trying to obscure the magnitude of their screw-up with Meltdown.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.