AMD Targeted By Class Action Suit Over Spectre Vulnerabilities

Two law firms have announced their intention to file class-action lawsuits against AMD. The firms claim the company failed to disclose knowledge of its products’ Spectre vulnerability.

The Meltdown/Spectre issue continues to ripple through the computer industry as affected hardware OEMs continue to push out patches, while wrongdoers try to take advantage of it. Compared to when the issue first made headlines, we now have a much clearer picture of the three distinct vulnerabilities that make up the issue and how they’re fixed. However, with so many affected CPUs, some of which are only partially affected by the issue, we still don’t have a clear picture of Meltdown/Spectre’s full impact.

Zen-based CPUs (Ryzen and Threadripper) from AMD are among those that are partially affected. Of the three vulnerabilities, the company said from the beginning that its CPUs did not suffer from Meltdown. There was more confusion around Spectre. The company initially claimed, and continues to maintain, that it’s vulnerable to Spectre Variant 1, which is patched at the OS level. As for Spectre Variant 2, however, AMD’s initial statement was that there was “near-zero risk of exploitation” on its CPUs; it later stated that it had issued “optional” CPU microcode updates for the vulnerability.

The change in position is part of why the Rosen and Pomerantz law firms are now targeting AMD. These lawsuits aren’t aimed at justice for consumers, though; they’re after AMD for failing to disclose to investors its knowledge of the vulnerabilities, which led to a claimed drop in stock value. AMD’s stock took an insignificant hit in after-hours trading on the day it announced its BIOS updates, but its has since recovered. Only the Pomerantz lawsuit specifically mentions Spectre Variant 2, whereas the Rosen lawsuit references only “a fundamental security flaw”. Both lawsuits seem to be viewing AMD’s eventual release of BIOS updates as a smoking gun for the case that AMD’s CPUs are vulnerable to Spectre Variant 2 after all.

Since the announcement of the BIOS updates, AMD hasn’t made any more statements on Meltdown/Spectre. Meanwhile, there are already multiple lawsuits against Intel.

In response to our inquiry, AMD said that the “allegations are without merit” and that it intends “to vigorously defend against these baseless claims.”

This thread is closed for comments
    Your comment
  • shabbo
    These lawyer scumbags are a disease to the free world. I can understand the rationale behind suing intel for hiding a critical vulnerability from their customers for 6 months, but AMD didn't do anything wrong. AMD said on Jan 3rd 'near-zero' risk. 'Near-zero' is still a non-zero value and therefore AMD released an 'optional' BIOS patch. It's optional because it's still a near-zero risk since the exploit requires access to the motherboard pin-outs. So wtf these bozo laywers even think they have a case against AMD just because it sounds similar to that of Intel's issue.
  • Tony_117
    Scumbag lawyers looking to make a quick buck. I was recently in a class action lawsuit because a store was charging online customers more than in store ones, wrongly. Lawyers walked away with 60+ million and the rest of us got like $6.
  • hannibal
    Next They will go after arm cores and next... sigh...