• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Update on AMD Processor Security for Spectre and Meltdown


Brink

Administrator
Administrator
mvp
Posts
22,871
#1
The public disclosure on January 3rd that multiple research teams had discovered security issues related to how modern microprocessors handle speculative execution has brought to the forefront the constant vigilance needed to protect and secure data. These threats seek to circumvent the microprocessor architecture controls that preserve secure data.

At AMD, security is our top priority and we are continually working to ensure the safety of our users as new risks arise. As a part of that vigilance, I wanted to update the community on our actions to address the situation.

  • Google Project Zero (GPZ) Variant 1 (Bounds Check Bypass or Spectre) is applicable to AMD processors.
    • We believe this threat can be contained with an operating system (OS) patch and we have been working with OS providers to address this issue.
    • Microsoft is distributing patches for the majority of AMD systems now. We are working closely with them to correct an issue that paused the distribution of patches for some older AMD processors (AMD Opteron, Athlon and AMD Turion X2 Ultra families) earlier this week. We expect this issue to be corrected shortly and Microsoft should resume updates for these older processors by next week. For the latest details, please see Microsoft’s website.
    • Linux vendors are also rolling out patches across AMD products now.
  • GPZ Variant 2 (Branch Target Injection or Spectre) is applicable to AMD processors.
    • While we believe that AMD’s processor architectures make it difficult to exploit Variant 2, we continue to work closely with the industry on this threat. We have defined additional steps through a combination of processor microcode updates and OS patches that we will make available to AMD customers and partners to further mitigate the threat.
    • AMD will make optional microcode updates available to our customers and partners for Ryzen and EPYC processors starting this week. We expect to make updates available for our previous generation products over the coming weeks. These software updates will be provided by system providers and OS vendors; please check with your supplier for the latest information on the available option for your configuration and requirements.
    • Linux vendors have begun to roll out OS patches for AMD systems, and we are working closely with Microsoft on the timing for distributing their patches. We are also engaging closely with the Linux community on development of “return trampoline” (Retpoline) software mitigations.
  • GPZ Variant 3 (Rogue Data Cache Load or Meltdown) is not applicable to AMD processors.
    • We believe AMD processors are not susceptible due to our use of privilege level protections within paging architecture and no mitigation is required.
There have also been questions about GPU architectures. AMD Radeon GPU architectures do not use speculative execution and thus are not susceptible to these threats.

We will provide further updates as appropriate on this site as AMD and the industry continue our collaborative work to develop mitigation solutions to protect users from these latest security threats.

Mark Papermaster,

Senior Vice President and Chief Technology Officer

Source: AMD Processor Security | AMD

See also: Windows operating system security update block for some AMD based devices | Microsoft Support
 

My Computer

System One

  • OS
    64-bit Windows 10
    Computer type
    PC/Desktop
    System Manufacturer/Model Number
    Custom self built
    CPU
    Intel i7-3930K 3.2 Ghz (O/C to 4 Ghz)
    Motherboard
    ASRock X79 Extreme11
    Memory
    32 GB (8GBx4) G.SKILL DDR3 Quad PC3-19200 2400 MHz
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
    Sound Card
    SB Recon 3Di Integrated Chip
    Monitor(s) Displays
    3 x 27" Asus VE278Q
    Screen Resolution
    1920x1080
    Hard Drives
    256GB OCZ Vector
    6TB WD Black WD6001FZWX
    PSU
    OCZ Series Gold OCZZ1000M 1000W
    Case
    Corsair Air 740
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master
    Internet Speed
    100 Mb/s Download and 10 Mb/s Upload
    Browser
    Internet Explorer 11
    Antivirus
    Malwarebyte Anti-Malware Premium
    Other Info
    Lite-On iHBS212 12x BD Writer
    Creative F200 webcam
    Samsung CLX-3175FW Printer
    Linksys EA9500 Router
    Arris SB6190 Cable Modem
    APC SMART-UPS RT 1000 XL