At AMD, security is our top priority and we are continually working to ensure the safety of our users as new risks arise. As a part of that vigilance, I wanted to update the community on our actions to address the situation.
Google Project Zero (GPZ) Variant 1 (Bounds Check Bypass or Spectre) is applicable to AMD processors.
1.We believe this threat can be contained with an operating system (OS) patch and we have been working with OS providers to address this issue.
2.Microsoft is distributing patches for the majority of AMD systems now. We are working closely with them to correct an issue that paused the distribution of patches for some older AMD processors (AMD Opteron, Athlon and AMD Turion X2 Ultra families) earlier this week. We expect this issue to be corrected shortly and Microsoft should resume updates for these older processors by next week. For the latest details, please see Microsoft’s website.
3.Linux vendors are also rolling out patches across AMD products now.
GPZ Variant 2 (Branch Target Injection or Spectre) is applicable to AMD processors.
1.While we believe that AMD’s processor architectures make it difficult to exploit Variant 2, we continue to work closely with the industry on this threat. We have defined additional steps through a combination of processor microcode updates and OS patches that we will make available to AMD customers and partners to further mitigate the threat.
2.AMD will make optional microcode updates available to our customers and partners for Ryzen and EPYC processors starting this week. We expect to make updates available for our previous generation products over the coming weeks. These software updates will be provided by system providers and OS vendors; please check with your supplier for the latest information on the available option for your configuration and requirements.
3.Linux vendors have begun to roll out OS patches for AMD systems, and we are working closely with Microsoft on the timing for distributing their patches. We are also engaging closely with the Linux community on development of “return trampoline” (Retpoline) software mitigations.
GPZ Variant 3 (Rogue Data Cache Load or Meltdown) is not applicable to AMD processors.
1.We believe AMD processors are not susceptible due to our use of privilege level protections within paging architecture and no mitigation is required.
We will provide further updates as appropriate on this site as AMD and the industry continue our collaborative work to develop mitigation solutions to protect users from these latest security threats.
Senior Vice President and Chief Technology Officer
- 华硕发布首款「TUF Gaming」系列游戏本 FX504
- 【Computex2018】AMD发布会汇总：揭晓第二代Threadripper、7nm Vega及EPYC，OEM产品线更新
- NVIDIA 的 Drive PX Pegasus 已为 Level 5 自动驾驶做好准备
- Doritos 包装能拿来干嘛？嗯... 可以播电影原声带
- 【AMD Zen微架构解析 Part2：提取指令级并行】AMD Zen Microarchiture Part 2: Extracting Instruction-Level Parallelism
- EPYC 3251，AMD首款嵌入式服务器CPU "Snowy Owl"型号曝光
- 微软新推 Precision Surface Mouse 鼠标，更强调人体工学
- 老任上月只花了一周就在日本狂卖 26.1 万台 Nintendo Famicom Mini
- AMD内部队伍正在调查关于PSP/Promontory 芯片组“漏洞”的“报告”