AMD Releases Spectre Microcode And Software Patches

AMD announced that it has made mitigations available for Spectre Variant 2 through a combination of microcode and software updates. The new patches will protect all of AMD's products dating back to Bulldozer, provided they are paired with the latest version of the Windows 10 operating system. 

AMD has already addressed Spectre Variant 1 with operating system patches that it distributed via Windows updates. AMD had no exposure to Variant 3 (otherwise known as Meltdown) due to its processor architecture, so no patches are needed.

Microsoft is pushing out an operating system update today that contains the software patches for Spectre Variant 2. These patches will go out to users on Windows 10 (version 1709), but it's unclear how AMD will address patching older versions of Windows. AMD is also going through final validation and testing for Windows Server 2016 patches.

The microcode updates will filter into the broader ecosystem via OEMs and motherboard vendors. AMD users will have to wait for BIOS updates that contain the new patch, but AMD has a resource page to help users locate the relevant patches.

AMD isn't releasing patches for its pre-2011 processors, but like Intel, the company may have decided that patching older processors would have limited support from OEM partners.

Intel's Meltdown patches have had a limited performance impact, but the Spectre Variant 2 patches have more of an impact on applications that commonly issue kernel calls, such as storage-intensive applications and web browsers. These performance penalties are more severe with Intel's older processors. AMD has released a new whitepaper (PDF) covering the technical aspects of the patches, but it doesn't contain any information on possible performance impacts. We're following up with the company to learn more. 

These new mitigations apply to the Spectre mitigations, and not the vulnerabilities exposed by CTS-Labs' recent revelations. CTS-Labs has come under intense scrutiny, and deservedly so, for its preemptive disclosures, but the company did expose several vulnerabilities that can be exploited through second-level attacks. AMD has promised timely mitigations for those vulnerabilities, which should arrive soon.

MORE: All You Need To Know About Spectre And Meltdown

Paul Alcorn
Managing Editor: News and Emerging Tech

Paul Alcorn is the Managing Editor: News and Emerging Tech for Tom's Hardware US. He also writes news and reviews on CPUs, storage, and enterprise hardware.

  • jpe1701
    Coincidentally I just put together an half from spare parts and a g4560 I purchased for really cheap and noticed a big difference from the benchmarks in the reviews and my own. I used an app to shut off spectre/meltdown protections just to see if that was why my scores were so off and my cup-z single thread score went from 258 to 372. It made a huge difference. Much more responsive too.
  • kinney
    It is a massive difference as JPE1701 said, the press is covering up the massive performance hit in IO operations for Intel. In productivity the losses are up to 30%, but it's up to 50% for minimum framerates (all that matters, really) in games. Titles affected do heavy texture streaming.

    I really hate to see what will happen once everything is patched. I'm not updating any hardware until 2019 when all Spectre variants are fixed in hardware by Intel & AMD. If I had to buy anything before then, I'd recommend the AMD stuff. Especially the 2400G, love that chip & no Meltdown worries with it.