AMD have updated their web page and clarified a bit more on speculative_execution vulnerabilities with some additional details on current state of affairs and AMD actions.
--- AMD ---
Disclosure - January - Research - Teams - Security
The public disclosure on January 3rd that multiple research teams had discovered security issues related to how modern microprocessors handle speculative execution has brought to the forefront the constant vigilance needed to protect and secure data. These threats seek to circumvent the microprocessor architecture controls that preserve secure data.
At AMD, security is our top priority and we are continually working to ensure the safety of our users as new risks arise. As a part of that vigilance, I wanted to update the community on our actions to address the situation.
Google - Project - Zero - GPZ - Bounds
Google Project Zero (GPZ) Variant 1 (Bounds Check Bypass or Spectre) is applicable to AMD processors.
We believe this threat can be contained with an operating system (OS) patch and we have been working with OS providers to address this issue.
Microsoft - Patches - Majority - AMD - Systems
Microsoft is distributing patches for the majority of AMD systems now. We are working closely with them to correct an issue that paused the distribution of patches for some older AMD processors (AMD Opteron, Athlon and AMD Turion X2 Ultra families) earlier this week. We expect this issue to be corrected shortly and Microsoft should resume updates for these older processors by next week. For the latest details, please see Microsoft’s website.
Linux vendors are also rolling out patches across AMD products now.
GPZ - Variant - Branch - Target - Injection
GPZ Variant 2 (Branch Target Injection or Spectre) is applicable to AMD processors.
0 other people are viewing this story
Wake Up To Breaking News!
How's that peak oil working out for you?