Wednesday, May 15th 2019
AMD Confirms its Processors are Unaffected by RIDL and Fallout Vulnerabilities
AMD in a statement confirmed that its processors are unaffected by the RIDL (Rogue In-Flight Data Load) and Fallout vulnerabilities. The company however worded its statement in CYA language, just to be safe. "...we believe our products are not susceptible to 'Fallout' or 'RIDL' because of the hardware protection checks in our architecture. We have not been able to demonstrate these exploits on AMD products and are unaware of others having done so," reads the AMD statement put out late Tuesday (14th May).
AMD came to these conclusions on the basis of its own testing and discussions with the researchers who discovered RIDL. It's important to note here, that the "Fallout" vulnerability AMD is referring to in this statement is the one which is part of four MDS vulnerabilities Intel disclosed yesterday, and not the identically named "Fallout" vulnerability discovered by CTS Labs in 2018, allegedly affecting secure memory management of AMD "Zen" processors.
Source:
AMD
AMD came to these conclusions on the basis of its own testing and discussions with the researchers who discovered RIDL. It's important to note here, that the "Fallout" vulnerability AMD is referring to in this statement is the one which is part of four MDS vulnerabilities Intel disclosed yesterday, and not the identically named "Fallout" vulnerability discovered by CTS Labs in 2018, allegedly affecting secure memory management of AMD "Zen" processors.
18 Comments on AMD Confirms its Processors are Unaffected by RIDL and Fallout Vulnerabilities
Intel CPU Dies should be round with the amount of corner cutting they have been doing.
Hyper Threading is just branding.
Additionally, the worst performance regression I am aware of at ANY time, in any workload as a result of any Spectre/Meltdown patch was 24% impact - and that was specifically on one piece of software: postgres.
Since that time, there have been numerous new patches and revisions, and performance impact has been reduced in all cases, to either no impact at all (for most consumer tasks), or low single digit % hits for anything professional or datacentre.
Microsoft (not Intel) have also stated that their 1H-2019 Windows 10 patch will reduce the performance impact of all Spectre and Meltdown mitigations to "Noise level" - IE, low impact than could be explained by simple test variance, thus eliminating the issue related to those patches entirely. (Linux has had retpoline enabled for a few months now btw, so is also no longer significantly impacted by spectre patch performance regressions)
www.techpowerup.com/248714/windows-10-1h-2019-update-to-reduce-performance-impact-of-spectre-v2-mitigations
(Edit) I am sorry, I was wrong, it should be 40%.
Mac Performance Drops Up to 40% With Intel Vulnerability Mitigations
Well, its doesn't sound great, but it's good enough.
They both are just really bad ideas.Yeah, we aren't mac users but cool story bro.Run MDS tool. You can confirm it and no, it looks like right now it needs a microcode command to enable mitigations. AMD is unlikely to release this command in it's AGESA since it does not appear to think it needs it. I believe them to be correct, but the world is crazy as of late.Probably looking at the Spectre flags. In which case: You probably are vulnerable. What AGESA?