Intel has been pushing out software updates since the start of the year aimed at reducing the risks posed by the Spectre and Meltdown vulnerabilities affecting most of the company’s recent chips. But Intel processors aren’t the only ones affected.
While AMD notes that its chips are not susceptible to Meltdown-based attacks, the company says Windows and Linux updates that rolled out earlier this year were aimed at helping protect users from the Spectre Variant 1 vulnerability.
Now AMD is releasing patches aimed at mitigating the risk posed by Spectre Variant 2.
The company says Microsoft is rolling out updates for Windows 10 and plans to push out an update for Windows Server 2016 soon.
AMD is also releasing microcode updates to its hardware partners, but it’ll be up to PC and motherboard makers including Acer, Dell, Gigabyte, HP, Lenovo, and SuperMicro to actually make those updates available to users as BIOS updates.
The microcode updates are available for most AMD processors released since 2011.
The company says it thinks it would still be “difficult to exploit Variant 2 on AMD processors,” but difficult isn’t the same thing as impossible, so it’s good to see these updates beginning to roll out.
Because most PCs do not install BIOS updates automatically, I suspect a whole lot of computers will continue to go unpatched for the foreseeable future, even if PC makers do make updates available. But at the very least, with Intel and AMD offering microcode updates, any new PC you buy in the coming months will probably have the security improvements built into their firmware.
The bad news is that the vulnerabilities take advantage of a modern processor technology called speculative execution that helps computers perform certain tasks more quickly. These security updates could slow down a computer in some situations by changing the way speculative execution works. But early indications suggest that the performance hit isn’t as large as some had worried… at least not for gaming or other common tasks.
I just updated the BIOS (or UEFI, more precisely) of my 3rd gen. Intel Core i5 ThinkPad. It became 0.2% (or, statistically 0%) slower on the Geekbench Ubuntu 64-bit test. Am I doing something wrong? My machine isn’t close to 6% slower, as the CNET article claims: https://www.cnet.com/news/intel-chip-spectre-meltdown-6-percent-slowdown-security-fix-update/
“Older chips could see a hit to performance of as much as 8 percent”
It depends on the variety of benchmark. Things hit the hardest include processor cache-heavy benchmarks and solid state storage random access latency and transfer.