AMD Releases Updated Risk Guidance on Meltdown, Spectre

AMD Releases Updated Risk Guidance on Meltdown, Spectre

With Meltdown and Spectre now unveiled and out in the wild, focus has shifted on how to contain the problems they represent and not tank CPU performance in the process. Different vendors have released their own statements — Intel is hit the hardest by Meltdown, ARM has some limited vulnerability, and so on — but AMD has stayed pretty quiet, apart from its initial statement last week.

Today, the company published an update to its previous guidance, with more specific information. AMD continues to state it’s immune to Meltdown (Variant 3), the attack that specifically hits Intel the hardest, writing: “We believe AMD processors are not susceptible due to our use of privilege level protections within paging architecture and no mitigation is required.”

Variant 1 (Bounds Check Bypass, Spectre) is a problem AMD believes can be mitigated through software. This appears to be the patch that broke AMD systems; AMD says, “We are working closely with them [Microsoft] to correct an issue that paused the distribution of patches for some older AMD processors (AMD Opteron, Athlon and AMD Turion X2 Ultra families) earlier this week.”

Socket A bringing it back — anybody got some scotch tape and a pencil?
Socket A bringing it back — anybody got some scotch tape and a pencil?

When MS and AMD referred to these bugs as affecting old chips, they weren’t kidding. Assuming AMD properly gave its own full brand names in each case, as they did with the Turion X2 Ultra, AMD’s Athlon is over a decade old, as is the original Opteron brand. These references could conceivably refer to newer cores, but even the Turion X2 Ultra turns 10 this year. Owners of Ryzen or even Piledriver-derived hardware don’t seem to have much to worry about.

As for Variant 2 (Branch Target Injection, the variant MS believes has the greatest chance of harming performance), AMD continues to believe the company’s architecture makes it difficult to exploit. AMD is distributing microcode updates and MS has OS patches to coming to make this issue harder to leverage for system attacks. Once again, no performance impact information has been published.

AMD’s overall position in this statement is consistent with its previous guidance on January 3rd. The company stated then that vulnerability to Variant 2 had not yet been demonstrated on an AMD system. The company’s new language, which states that Variant 2 is “difficult” to exploit, represents a departure from its previous message. But with no context for how easy or difficult the exploit might be, we can’t gauge the size of the shift or the new relative risk.

Continue reading

Unreleased Nintendo Game Boy Keyboard Brought Back to Life
Unreleased Nintendo Game Boy Keyboard Brought Back to Life

Gaming history YouTuber Liam Robertson has gotten his hands on a Work Boy — possibly the last one in the world, and it's working thanks to that giant Nintendo data leak from a few months back.

Cyberpunked 2077: CDPR ‘Apologizes’ For Releasing Broken Game, Offers Refunds
Cyberpunked 2077: CDPR ‘Apologizes’ For Releasing Broken Game, Offers Refunds

Cyberpunk 2077's PS4 and Xbox One S version is so bad, the company is now offering refunds. We recommend last-gen console gamers take them up on it, rather than waiting.

Intel Releases Specs, Performance Data on Upcoming Alder Lake Core i9-12900K
Intel Releases Specs, Performance Data on Upcoming Alder Lake Core i9-12900K

Intel’s Alder Lake line of CPUs will hit store shelves on November 4, and the chip giant is sharing some additional data about specs and pricing ahead of its debut next week. We’ve written several deep dives on Alder Lake already this year, but to recap:Alder Lake is Intel’s next-generation desktop chip. It’s built on…

Google Releases First Android 12 Developer Preview
Google Releases First Android 12 Developer Preview

The first developer preview is available today, and you can take a peek at the new OS if you've got a recent Pixel phone. Be warned: this is a very early build that you should not use on your main phone.