@user,

admin wrote: ↑26 Mar 22, 10:31 As a result of Intel's investigation, the company discovered that the mitigation AMD has used since 2018 to patch the Spectre vulnerabilities isn't sufficient — the chips are still vulnerable. The issue impacts nearly every modern AMD processor spanning almost the entire Ryzen family for desktop PCs and laptops (second-gen to current-gen) and the EPYC family of datacenter chips.

As a result of Intel's investigation, the company discovered that the mitigation AMD has used since 2018 to patch the Spectre vulnerabilities isn't sufficient — the chips are still vulnerable. The issue impacts nearly every modern AMD processor spanning almost the entire Ryzen family for desktop PCs and laptops (second-gen to current-gen) and the EPYC family of datacenter chips.

As a reminder, the Spectre vulnerabilities allow attackers unhindered and undetectable access to information being processed in a CPU through a side-channel attack that can be exploited remotely. Among other things, attackers can steal passwords and encryption keys, thus giving them full access to an impacted system.

News of a fresh Spectre BHB vulnerability that only impacts Intel and Arm processors emerged this week, but Intel's research around these new attack vectors unearthed another issue: One of the patches that AMD has used to fix the Spectre vulnerabilities has been broken since 2018. Intel's security team, STORM, found the issue with AMD's mitigation. In response, AMD has issued a security bulletin and updated its guidance to recommend using an alternative method to mitigate the Spectre vulnerabilities, thus repairing the issue anew.