AMD clarifies Spectre vulnerability, fix

AMD clarifies Spectre vulnerability, fix

An afternoon recap of the day's most important business news, delivered weekdays. On Tuesday, Microsoft temporarily paused sending software updates to some devices with AMD processors after discovering some machines were rendered unusable.

Intel has issued a fix for the Meltdown and Spectre exploits, but users are hesitant to install these updates as they might impact their systems' performance. The company said updates may need to be issued in order to solve the problem.

The architecture flaws first came to light for vendors in mid-2017.

Meantime, on the other side of the CPU fence, AMD has published an update on its processor's security regarding Spectre (as Meltdown doesn't affect AMD chips, only Intel ones).

The confusion is understandable, since AMD's initial statement last week said, in part, that "AMD is not susceptible to all three variants".

Apple users need to update their computers, mobile devices and even Apple TVs with MacOS 10.13.2, iOS 11.2 and tvOS 11.2, respectively.

It is unclear which financial institutions were targeted by the hackers. We expect this issue to be corrected shortly and Microsoft should resume updates for these older processors by next week. Intel announced that they plan to have firmware updates for 90 percent of processors made in the past five years by Saturday, Jan. 13, and for older processors by the end of the month. Intel is currently using its True VR platform in a variety of sporting venues like Major League Baseball, PGA Tour, NFL and the NBA.

The bad news on the fix front applies to Broadwell and Haswell CPUs in terms of both consumer and data center use, with rebooting issues apparently plaguing some users.

What systems require patching for vulnerabilities?

He further added that Intel will "commit to publicly identify significant security vulnerabilities following rules of responsible disclosure" going forward. However it is supplying driver updates to "mitigate the CPU security issue". Google is also set to announce a patch for devices running Android. Systems equipped with 8th generation (Kaby Lake, Coffee Lake) chips and SSDs will be the least affected, with the expected impact being less than 6 percent.

The move comes as large technology companies unite to beef up their defenses against government intrusion and hacking, most notably after Edward Snowden exposed last year the National Security Agency's mass surveillance programs. Companies should ensure defense-in-depth info security protections are in place (e.g., endpoint security, firewalls, log management) and are efficiently working. ".Timely adoption of software and firmware patches by consumers and system manufacturers is critical".