Windows 10: An Update on AMD Processor Security for Spectre and Meltdown


  1. Posts : 30,631
    64-bit Windows 10 Pro build 17713
       11 Jan 2018 #1

    An Update on AMD Processor Security for Spectre and Meltdown


    The public disclosure on January 3rd that multiple research teams had discovered security issues related to how modern microprocessors handle speculative execution has brought to the forefront the constant vigilance needed to protect and secure data. These threats seek to circumvent the microprocessor architecture controls that preserve secure data.

    At AMD, security is our top priority and we are continually working to ensure the safety of our users as new risks arise. As a part of that vigilance, I wanted to update the community on our actions to address the situation.

    • Google Project Zero (GPZ) Variant 1 (Bounds Check Bypass or Spectre) is applicable to AMD processors.
      • We believe this threat can be contained with an operating system (OS) patch and we have been working with OS providers to address this issue.
      • Microsoft is distributing patches for the majority of AMD systems now. We are working closely with them to correct an issue that paused the distribution of patches for some older AMD processors (AMD Opteron, Athlon and AMD Turion X2 Ultra families) earlier this week. We expect this issue to be corrected shortly and Microsoft should resume updates for these older processors by next week. For the latest details, please see Microsoft’s website.
      • Linux vendors are also rolling out patches across AMD products now.

    • GPZ Variant 2 (Branch Target Injection or Spectre) is applicable to AMD processors.
      • While we believe that AMD’s processor architectures make it difficult to exploit Variant 2, we continue to work closely with the industry on this threat. We have defined additional steps through a combination of processor microcode updates and OS patches that we will make available to AMD customers and partners to further mitigate the threat.
      • AMD will make optional microcode updates available to our customers and partners for Ryzen and EPYC processors starting this week. We expect to make updates available for our previous generation products over the coming weeks. These software updates will be provided by system providers and OS vendors; please check with your supplier for the latest information on the available option for your configuration and requirements.
      • Linux vendors have begun to roll out OS patches for AMD systems, and we are working closely with Microsoft on the timing for distributing their patches. We are also engaging closely with the Linux community on development of “return trampoline” (Retpoline) software mitigations.

    • GPZ Variant 3 (Rogue Data Cache Load or Meltdown) is not applicable to AMD processors.
      • We believe AMD processors are not susceptible due to our use of privilege level protections within paging architecture and no mitigation is required.

    There have also been questions about GPU architectures. AMD Radeon GPU architectures do not use speculative execution and thus are not susceptible to these threats.

    We will provide further updates as appropriate on this site as AMD and the industry continue our collaborative work to develop mitigation solutions to protect users from these latest security threats.

    Mark Papermaster,

    Senior Vice President and Chief Technology Officer


    Source: AMD Processor Security | AMD

    See also: Windows OS security update block for some AMD based devices - Windows 10 Forums
      My ComputersSystem Spec


  2. Posts : 38,043
    Dual boot Windows 10 FCU Pro x 64 & current Insider 10 Pro
       12 Jan 2018 #1

    Thanks for updating this, Shawn. :)

    Not sure yet, but it doesn't look like they'll go back as far as my CPU. Might have to update either the board or chip or both.

    We'll see what ASUS does.
      My ComputersSystem Spec


  3. Posts : 132
    Windows 10 Home 64bit V1709
       12 Jan 2018 #2

    I'm also hoping they will support my oldie but efficient MSI ADM notebook! At least be definitive on what they support!
    AMD Athlon Neo MV-40 CPU, 4GB of Ram, its latest chipset & BIOS is legacy:
    I have tried several times to update to Windows 10 CU v1709 but each time it downloads to around 80% an error message appears: "A hyper transport sync flood error occurred on last boot - Press F1 to resume" then it starts to restore previous version 1607 Windows! Never seen this error on my other Windows 10 builds...
      My ComputerSystem Spec

  4.    12 Jan 2018 #3

    Tony K said: View Post
    We'll see what ASUS does.
    Nothing at all unless AMD releases a microcode update to them.
      My ComputerSystem Spec


  5. Posts : 38,043
    Dual boot Windows 10 FCU Pro x 64 & current Insider 10 Pro
       12 Jan 2018 #4

    stormy13 said: View Post
    Nothing at all unless AMD releases a microcode update to them.
    Do you think ASUS has some influence of what AMD may do? Or how about when they both start reading a civil class-action lawsuit that's bound to arrive, unless it already has.
      My ComputersSystem Spec

  6.    13 Jan 2018 #5

    I thought the update for older AMD CPUs had been blocked. However, 2 days ago Windows Update tried to install the u[date on a 10 year old AMD based PC and bricked it. Fortunately, my Reflect backup came to the rescue. I've now blocked the update.
      My ComputersSystem Spec


  7. Posts : 18,512
    windows 10 professional version 1607 build 14393.969 64 bit
       13 Jan 2018 #6
      My ComputerSystem Spec


 

Related Threads
Read more: https://support.microsoft.com/en-us/help/4073757/protect-your-devices-against-spectre-meltdown See also: Windows Client Guidance against speculative execution vulnerabilities - Windows 10 Forums Understanding performance impact...
Do we know the actual risk of Meltdown and Spectre? in AntiVirus, Firewalls and System Security
There has been a lot discussion about Meltdown and Spectre on this forum and others, but I'm still confused. And I have 2 computers, and possibly 3, that are old enough that no BIOS remedy will be forthcoming so I'm going to be vulnerable to...
I am running FCU Win 10 Pro on a MSI P35 Neo F v1 motherboard with Core 2 Duo E8400 CPU. I have ran the MS controlsettings script which informs me I am protected from Spectre by Windows Update but not Meltdown without a BIOS/Microcode update. As...
https://www.howtogeek.com/338801/how-to-check-if-your-pc-is-protected-against-meltdown-and-spectre/ Curious if anyone has run this particular script having followed the directions in the article. I am modestly comfortable running PowerShell but...
Source: Meltdown and Spectre: what you need to know - Malwarebytes Labs | Malwarebytes Labs See also: Windows Client Guidance against speculative execution vulnerabilities - Windows 10 Forums
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 04:05.
Find Us