Credit: ShutterstockPerhaps unsurprisingly at this point, new security vulnerabilities have been found in Intel's CPUs dating all the way back to 2008. Known as Zombieload, RIDL, Fallout, and MDS (Intel's official naming), these holes in Intel's architecture are the latest in a string of vulnerabilities that have been revealed one after the other since the early 2018 debut of Meltdown. Meanwhile, AMD maintains that Zombieload, just like Meltdown, Foreshadow, and Spoiler before, only affects Intel processors and not any produced by AMD.
AMD listed its processors as immune on its website and made a statement on the r/AMD subreddit:
"At AMD we develop our products and services with security in mind. Based on our analysis and discussions with the researchers, we believe our products are not susceptible to ‘Fallout’, ‘RIDL’ or ‘ZombieLoad Attack’ because of the hardware protection checks in our architecture. We have not been able to demonstrate these exploits on AMD products and are unaware of others having done so."
Not having these vulnerabilities is obviously important for AMD, especially for its growing data center products, where security is vital to business. But it's not just security holes that are plaguing Intel, the patches for them also harm Intel as well. Operating system- and software-level solutions to Intel's many vulnerabilities (which even include disabling Hyper-Threading, something Intel charges extra for) reduce the performance of its processors. The Linux-focused Phoronix website tested the performance difference on Intel's Core i9 7980XE (with Hyper-Threading enabled) and found that the performance reduction was often around 10%, but sometimes as high as 50% (in one case). AMD, not requiring any patches, obviously loses no performance.
Consumers with Intel processors may accept these vulnerabilities so as to avoid performance penalties, but those who opted for Ryzen, Threadripper, and Epyc, are surely relieved that they can escape with their performance intact and security unaffected.