AMD chips exposed to both variants of Spectre security flaw


Microsoft has warned that the fixes being rushed out to mitigate the risks from the Meltdown and Spectre vulnerabilities could "significantly" impact the performance of some systems.

AMD also announced that, starting this week, it will address the branch target injection exploit for Spectre by making microcode updates available for its Ryzen and Epyc processors. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre.

We expect this issue to be corrected shortly and Microsoft should resume updates for these older processors by next week.

The security fixes are likely to cause significant slowdowns and a decrease in system performance, according to Microsoft.

While Intel has been the overwhelming focus during the fallout surrounding the Meltdown and Spectre processor exploits revealed last week, AMD has managed to, for the most part, fly below the radar. "The security of the systems our customers depend upon and enjoy is a top priority for us".

The flaws affect virtually all computing devices running on chips manufactured by Intel, AMD and ARM, although the worst - called Meltdown - largely just affects Intel. These flaws, colloquially known as "Meltdown" and "Spectre", could open the door for hackers to access the contents of almost any computer.

Krzanich did say in his speech that Intel will be more transparent about security vulnerabilities like Meldown and Spectre. Nvidia also took the opportunity to include an optimization for "Fortnite", as well as support for ShadowPlay Highlights, which can be found on the game's Battle Royale mode. 'Specifically, these systems are running Intel Broadwell and Haswell CPUs for both client and data centre.

As per Microsoft's statements, they are working with AMD to resolve the issue and push the updates again as soon as possible. But strengthening Windows and CPU firmware against the second Spectre flaw slows down performance. Intel said it had began distributing firmware updates to OEM partners in December 2017. These threats seek to circumvent the microprocessor architecture controls that preserve secure data. "This means the typical home and business PC user should not see significant slowdowns in common tasks such as reading email, writing a document or accessing digital photos".

The conflicting messages come after tech companies tried to mount a co-ordinated industry-wide response.