AMD lukker sikkerhedshullet mod Spectre variant 2 med ny patch
AMD har frigivet patches til Meltdown og Spectre sikkerhedshulerne sammen med Microsofts seneste Windows 10 opdateringer.
Opdateringerne kommer i samme omgang som anbefalet sikkerhedsopdatering til Google Project Zero (GPZ) Variant 2 (Spectre) til Microsoft Windows brugerne. For at lukke helt af i denne omgang, kræves det en kombination af processor mikrokode fra ORM og bundkortspartnerne sammen med en up-to-date version af Windows. Er du Linux bruger, anbefaler AMD sikkerhedsopdateringen til GPZ Variant 2, som blev frigivet tidligere på året.
Den nye patch indeholder kode, som dæmmer op Spectre variant 2 via Windows Update, som vi også blev præsenteret for med Spectre variant 1 opdateringen.
”AMD customers will be able to install the microcode by downloading BIOS updates provided by PC and server manufacturers and motherboard providers. It doesn’t say which processors received patches, but presumably AMD’s newer Ryzen processors were first to get them. Some of the fixes will need a new BIOS, and so far no Ryzen X370 motherboards have April BIOS updates”
Spectre Mitigation Update
Today, AMD is providing updates regarding our recommended mitigations for Google Project Zero (GPZ) Variant 2 (Spectre) for Microsoft Windows users. These mitigations require a combination of processor microcode updates from our OEM and motherboard partners, as well as running the current and fully up-to-date version of Windows. For Linux users, AMD recommended mitigations for GPZ Variant 2 were made available to our Linux partners and have been released to distribution earlier this year.
As a reminder, GPZ Variant 1 (Spectre) mitigation is provided through operating system updates that were made available previously by AMD ecosystem partners. GPZ Variant 3 (Meltdown) does not apply to AMD because of our processor design.
While we believe it is difficult to exploit Variant 2 on AMD processors, we actively worked with our customers and partners to deploy the above described combination of operating system patches and microcode updates for AMD processors to further mitigate the risk. A whitepaper detailing the AMD recommended mitigation for Windows is available, as well as links to ecosystem resources for the latest updates.
Operating System Updates for GPZ Variant 2/Spectre
Microsoft is releasing an operating system update containing Variant 2 (Spectre) mitigations for AMD users running Windows 10 (version 1709) today. Support for these mitigations for AMD processors in Windows Server 2016 is expected to be available following final validation and testing.
AMD Microcode Updates for GPZ Variant 2/Spectre
In addition, microcode updates with our recommended mitigations addressing Variant 2 (Spectre) have been released to our customers and ecosystem partners for AMD processors dating back to the first “Bulldozer” core products introduced in 2011.
AMD customers will be able to install the microcode by downloading BIOS updates provided by PC and server manufacturers and motherboard providers. Please check with your provider for the latest updates.
We will provide further updates as appropriate on this site as AMD and the industry continue our collaborative work to develop solutions to protect users from security threats.
Mark Papermaster, Senior Vice President and Chief Technology Officer