AMD rolls out CPU firmware and Windows 10 patches to protect against Spectre exploits
11 April 2018 | 0
Intel recently finished its barrage of CPU microcode updates designed to combat the Spectre variant 2 exploit, and on Tuesday, AMD revealed its own plans to protect PCs against the flaw. (AMD processors aren’t vulnerable to Meltdown.)
AMD’s announcement, penned by chief technical officer Mark Papermaster, released alongside Microsoft’s monthly Patch Tuesday update. It showcases how complex plugging Meltdown and Spectre’s security holes can be. Today’s Windows 10 updates include code containing Spectre variant 2 mitigations at an operating system level, similar to how a Windows update in early January protected against Specter variant 1.
But unlike that earlier patch, the latest Windows update is only part of the solution. AMD says it’s also released CPU firmware updates with “our recommended mitigations addressing Variant 2” to the company’s hardware partners, with patches available for processors going back to CPUs built on the Bulldozer architecture in 2011. (Intel’s firmware updates stop around the same time frame.) The post doesn’t specify which processors received patches, but presumably AMD’s newer Ryzen processors were at the front of the line.
Also cross your fingers that your system will even see the motherboard updates needed to apply AMD’s new CPU firmware. You don’t download Spectre mitigations directly from Intel or AMD; instead, you need to wait for the maker of your motherboard or pre-built desktop to release a new BIOS with the fixes wrapped in. A quick check of a handful of prominent Ryzen X370 motherboards didn’t show any April BIOS updates, though Tech Report says it was able to fully patch one of its systems.
I’d expect to see many Ryzen-era motherboards patched to include CPU microcode that protects against Spectre, but don’t hold your breath for older systems. On the Intel side, no motherboard vendors have pledged to release BIOS updates for anything older than 6th-gen Skylake-era systems, which launched in 2015. AMD’s firmware updates do no good if you can’t get them on your older PC. AMD links to central hubs for BIOS updates and system resources from its hardware partners here.
AMD maintains that the Spectre Variant 2 mitigations are “difficult to exploit” on its processors, and originally classified these microcode updates as optional. Nevertheless, you’ll want to safeguard your computer as much as possible. PCWorld’s guide on how to protect your PC against Meltdown and Spectre can walk you through the messy process of getting your hardware, software, and operating system locked down. If a Spectre-slamming BIOS update isn’t available for your motherboard or prebuilt desktop system, also consider investing in a strong antivirus solution, because security researchers have discovered malware designed to exploit these vulnerabilities.
Intel and AMD are building hardware-level mitigations into future CPUs, but the computing industry will be struggling with Meltdown and Spectre for a long, long time.
IDG News Service