Earlier this week, AMD released the updates for Google Project Zero (GPZ) Variant 2 (Spectre) for Microsoft Windows users to mitigate the vulnerabilities and safeguard its products against Spectre flaw.
These mitigations require a combination of processor microcode updates from our OEM and motherboard partners, as well as running the current and fully up-to-date version of Windows. For Linux users, AMD recommended mitigations for GPZ Variant 2 were made available to our Linux partners and have been released to distribution earlier this year.
As a reminder, GPZ Variant 1 (Spectre) mitigation is provided through operating system updates that were made available previously by AMD ecosystem partners. GPZ Variant 3 (Meltdown) does not apply to AMD because of our processor design.
Mark Papermaster, Senior Vice President and CTO at AMD said, “While we believe it is difficult to exploit Variant 2 on AMD processors, we actively worked with our customers and partners to deploy the above described combination of operating system patches and microcode updates for AMD processors to further mitigate the risk. A whitepaper detailing the AMD recommended mitigation for Windows is available, as well as links to ecosystem resources for the latest updates.”
Microsoft is releasing an operating system update containing Variant 2 (Spectre) mitigations for AMD users running Windows 10 (version 1709) today. Support for these mitigations for AMD processors in Windows Server 2016 is expected to be available following final validation and testing.
Papermaster added, “In addition, microcode updates with our recommended mitigations addressing Variant 2 (Spectre) have been released to our customers and ecosystem partners for AMD processors dating back to the first “Bulldozer” core products introduced in 2011.”
The company also suggested the users to check with their provider for the latest updates as it said AMD customers will be able to install the microcode by downloading BIOS updates provided by PC and server manufacturers and motherboard providers.
“We will provide further updates as appropriate on this site as AMD and the industry continue our collaborative work to develop solutions to protect users from security threats.” concluded Papermaster.