Intel is not the only chip maker answering questions about Spectre and Meltdown.
When discussing the company's latest quarterly results with analysts this week, Advanced Micro Devices Inc. (NYSE: AMD) CEO Dr. Lisa Su addressed concerns about her efforts to weed out the Spectre and Meltdown vulnerabilities from AMD's processors.
Specifically, Su told analysts on January 30 that AMD's upcoming Zen 2 processors will have fixes for Variant 1 and Variant 2 of the Spectre flaw. Currently, AMD has not reported any issues with the Meltdown vulnerability.
Chips based on the company's Zen 2 architecture are expected to be released either later this year or in early 2019, according to published reports. In the meantime, Su told analysts the company is working with OEMs, as well as software providers, to create patches to secure against any exploits linked to Spectre.
In a transcript of her remarks to analysts, Su noted:
For Spectre Variant 1, we continue actively working with our ecosystem partners on mitigations, including operating system patches that have begun to roll out. We continue to believe that Variant 2 of Spectre is difficult to exploit on AMD processors. However, we are deploying CPU microcode patches that in combination with OS updates provide additional mitigation steps. Longer term, we have included changes in our future processor cores, starting with our Zen 2 design, to further address potential Spectre like exploits.
Intel CEO Brian Krzanich made a similar pledge last week. (See Intel CEO Promises Chips That Fix Spectre & Meltdown Flaws .)
As Su noted, the Variant 2 flaw associated with Spectre is the more difficult of the two to exploit, but it's also the more difficult flaw to patch. It's this variant that caused Intel Corp. (Nasdaq: INTC) to withdraw some patches earlier this month. (See HPE, Dell EMC Warn Customers Over Spectre, Meltdown Patches.)
Intel's response also drew a rebuke from Linux pioneer Linus Torvalds. (See Linus Torvalds: Intel's Spectre Patch Is 'Complete & Utter Garbage'.)
Since January, nearly the entire chip industry has been forced to deal with the fallout after researchers published a report about Spectre and Meltdown.
Researchers found that by manipulating pre-executed commands within the chip, which help make data available faster, hackers can gain access to the content of the kernel memory. This, in turn, can allow the hacker to gain access to encryption keys and other authentication details of whatever system the CPU is running in.
Despite these flaws, neither Intel nor AMD have seen a significant change to their bottom lines. When asked about costs on Tuesday's call, Sun said, "As it relates to any unusual expenses with Spectre and Meltdown, there are no particular unusual expenses related to that."
- Spectre, Meltdown Flaws Already Producing Spam
- After Spectre & Meltdown, Intel Faces an 'Evil Maid' Problem
- Security Warning: Intel Inside
- Meltdown & Spectre News Gets Worse – & Better