Print this page
Published in News

AMD plugs Meltdown and Spectre’s security holes

by on11 April 2018


Still jolly tricky

AMD has released patches for Meltdown and Spectre security holes alongside Microsoft's latest Windows 10 updates.

AMD is providing updates regarding its recommended mitigations for Google Project Zero (GPZ) Variant 2 (Spectre) for Microsoft Windows users. These mitigations require a combination of processor microcode updates from OEM and motherboard partners, as well as running the current and fully up-to-date version of Windows. For Linux users, AMD recommended mitigations for GPZ Variant 2 were made available to Linux partners and had been released for distribution earlier this year.

The patches include code containing Spectre variant two mitigations at an operating system level, similar to how a Windows update in early January protected against Spectre variant 1.

AMD customers will be able to install the microcode by downloading BIOS updates provided by PC and server manufacturers and motherboard providers.  It doesn’t say which processors received patches, but presumably AMD’s newer Ryzen processors were first to get them. Some of the fixes will need a new BIOS, and so far no Ryzen X370 motherboards have April BIOS updates.

AMD maintains that the Spectre variant two mitigations are “difficult to exploit” on its processors, and classified these microcode updates initially as optional. If a  BIOS update isn’t available for your motherboard or prebuilt desktop system, you might need to lean on decent antivirus software, because security researchers have discovered malware designed to exploit these vulnerabilities.

 

Last modified on 11 April 2018
Rate this item
(0 votes)