Guru3D.com
  • HOME
  • NEWS
    • Channels
    • Archive
  • DOWNLOADS
    • New Downloads
    • Categories
    • Archive
  • GAME REVIEWS
  • ARTICLES
    • Rig of the Month
    • Join ROTM
    • PC Buyers Guide
    • Guru3D VGA Charts
    • Editorials
    • Dated content
  • HARDWARE REVIEWS
    • Videocards
    • Processors
    • Audio
    • Motherboards
    • Memory and Flash
    • SSD Storage
    • Chassis
    • Media Players
    • Power Supply
    • Laptop and Mobile
    • Smartphone
    • Networking
    • Keyboard Mouse
    • Cooling
    • Search articles
    • Knowledgebase
    • More Categories
  • FORUMS
  • NEWSLETTER
  • CONTACT

New Reviews
Intel NUC 13 Pro (Arena Canyon) review
Endorfy Arx 700 Air chassis review
Beelink SER5 Pro (Ryzen 7 5800H) mini PC review
Crucial T700 PCIe 5.0 NVMe SSD Review - 12GB/s
Sapphire Radeon RX 7600 PULSE review
Gainward GeForce RTX 4060 Ti GHOST review
Radeon RX 7600 review
ASUS GeForce RTX 4060 Ti TUF Gaming review
MSI GeForce RTX 4060 Ti Gaming X TRIO review
GeForce RTX 4060 Ti 8GB (FE) review

New Downloads
AMD Radeon Software Adrenalin 23.5.2 WHQL download
Intel ARC graphics Driver Download Version: 31.0.101.4382
CrystalDiskInfo 9.0.1 Download
Corsair Utility Engine Download (iCUE) Download v5.2
GeForce 535.98 WHQL driver download
CPU-Z download v2.06
AMD Radeon Software Adrenalin 23.5.1 WHQL download
GeForce 532.03 WHQL driver download
AMD Chipset Drivers Download 5.05.16.529
Display Driver Uninstaller Download version 18.0.6.4


New Forum Topics
Gigabyte Motherboards Affected by Firmware Backdoor, Over 250 Models Impacted AMD Software: Adrenalin Edition 23.5.2 - Driver Download and Discussion Amernime Zone AMD Software: Adrenalin / Pro Driver - Discovery Remix 23.4.2 WHQL [Omega 23.5.1 WIP] Lian Li presents new cases at Computex 2023 and a fan with an embedded diaplay G.SKILL DDR5 8800 Memory Kits Overclocking Demonstrations at Computex As per home page NV chat bot. AMD Software: 23.Q2.1 iCafe edition - Driver Download and Discussion AI drone tried to remove its human operator from commanding - under simulation NVIDIA GeForce Hotfix Driver 536.09 AMD Software: Adrenalin Edition 23.5.1 - Driver Download and Discussion




Guru3D.com » News » AMD Security Announcement on Fallout, RIDL and ZombieLoad Attack

AMD Security Announcement on Fallout, RIDL and ZombieLoad Attack

by Hilbert Hagedoorn on: 05/15/2019 10:52 AM | source: | 89 comment(s)
AMD Security Announcement on Fallout, RIDL and ZombieLoad Attack

AMD today responded to yesterday's news about the new serious Intel processor vulnerabilities. In this announcement, they confirmed that their processors are not susceptible to this kind of vulnerability.

Yesterday, researchers announced three new security exploits – Fallout, Rogue In-Flight Data Load (RIDL) and “ZombieLoad Attack”. Based on our internal assessment, we believe AMD products are not impacted by these new threats.

Below is our public statement, which you’ll also find available here.

At AMD we develop our products and services with security in mind. Based on our analysis and discussions with the researchers, we believe our products are not susceptible to ‘Fallout’, ‘RIDL’ or ‘ZombieLoad Attack’ because of the hardware protection checks in our architecture. We have not been able to demonstrate these exploits on AMD products and are unaware of others having done so.

You can read up all about it in this whitepaper, titled “Speculation Behavior in AMD Micro-Architectures.”

  







« ASUS ROG Rapture GT-AC2900 Gaming Router available soon (WIFI 5) · AMD Security Announcement on Fallout, RIDL and ZombieLoad Attack · Review: be quiet! Dark Rock SLIM »

Related Stories

AMD Security Vulnerability – The Day After - Seems Financially Motivated - 03/14/2018 06:20 PM
It has been a day after the news broke on the acclaimed AMD Security Vulnerabilities. In this news-item, I wanted to recap and report on the current status and overview, as well as my look on things....

AMD Security Statement from CTO and SVP Mark Papermaster - 01/12/2018 03:30 PM
AMD have updated their web page and clarified a bit more on speculative_execution vulnerabilities with some additional details on current state of affairs and AMD actions....


18 pages « < 4 5 6 7 > »


fantaskarsef
Senior Member



Posts: 14623
Joined: 2014-07-21

#5669408 Posted on: 05/15/2019 02:06 PM
Go ahead, switch to AMD, when such overhyped vulnerabilities will easily be patched with microcode update, minimal performance impacts, it is good that research is being done on the matter, and i dont feel any less secure. With AMD you get lower per core performance, low efficiency interconnect, lower performance in games and productivity software. It is definitely not a reason to bash intel over this.

The security issue is not overhyped. Why fix anything if it's not that bad? Intel themselves prove you wrong by working on a fix.
Easily patched via a microcode update? I don't get those for my mainboard / CPU anymore, Haswell-E did not get the last fixes like Skylake etc., de facto I have no way to fix this as a user besides hacking a bios. That's not "easily" done, even for people around here on the forums.
Minimal performance impact, yeah sure. The least impact is on Skylake, the rest is actually pretty hefty. Read the benchmarks. And even if it's just a few %, add it up with 3 major issues and you get -15%. That is not minimal.
The reason you don't feel any more or less secure is because it was researches who discovered this vulnerability, not a black hat hacker. If so, we're back to wannacry that crippled virtually every PC or endangered it, as well as infrastructure. In these modern times, sorry to say, we as simple users are not the target. But have fun with your all so secure Intel CPU when the hackers switch off your districts power grid because an Intel CPU is in the server farm managing the grid. And it's not like this never happened before.
Sure, "lower per core performance" is lower in some scenarios, and higher in others with AMD. Especially for productivity you get a better deal with AMD, not sure what you are specifically referring to that makes Intel shine there. Gaming, you might be right, but not above 1080p. Then the CPU becomes less important, and when you're playing 4K AMD is just as good as Intel right now.
But hey, stay with your Intel CPUs it's fine, to each their own. I don't want a product that's faulty for a premium price when I can very well get by with something else without any issues like breaking OS features with mitigations, crippling performance people paid for, and not even having a fix for everything offered to everybody because older CPUs aren't interesting to them anymore.
And yes Intel does deserve bashing here, why should they not? It's pretty clear that their product has issues, yet they always sold it for a premium price. They didn't know? Too bad, just because I don't know there's a law forbidding something doesn't make me innocent when I still break it.
"Sorry I didn't know every CPU we sold is de facto 10% slower an average than we said because we need to fix so many vulnerabilites the average user doesn't even know, but thanks for your money, we used it well to NOT improve our products that much at all, but our company's officers earned a few good bonuses."


You AMD fanboy's realize, this vulnerabilities have been around since 2008 or something and no one has been attacked due to it.... now there are actual patches out in software and soon micro code updates. Safer today than yesterday.

But go ahead, make a mountain out of a ant hill and enjoy your lower performance AMD in every application.

You Intel fanboy realise, that the patches and microcode updates probably won't be available for every one of those older CPUs? Like the last vulnerabilities still haven't reached an available patch state for Haswell and before that? So no, I'm actually less safe than yesterday because now the vulnerability I can't patch is publicly known.
But yeah, go ahead on your high horse and enjoy your security issues and the "better performance" in "every" application (which simply is not true, but read it up yourself).


And yes guys, I'll enjoy my new CPU, thanks :) Enjoy your old ones as well, I'm sure you performance will only increase with those fixes!!1! INTEL 4 EVA!!1!

Venix
Senior Member



Posts: 3107
Joined: 2016-08-01

#5669409 Posted on: 05/15/2019 02:07 PM
You AMD fanboy's realize, this vulnerabilities have been around since 2008 or something and no one has been attacked due to it.... now there are actual patches out in software and soon micro code updates. Safer today than yesterday.

But go ahead, make a mountain out of a ant hill and enjoy your lower performance AMD in every application.

A) how you know none used em?
B) if they are known since 2008 how this makes intel look not fixing em in 11 years??
C) with this reasoning if there is no burglary on your neighbor last few years stop locking your door and instead just leave em wide open!

deusex
Senior Member



Posts: 707
Joined: 2003-11-19

#5669417 Posted on: 05/15/2019 02:19 PM
Just build new gaming rig for my nephew. It was my fist AMD build and surprisingly to me it is a nice running machine. Waiting for Ryzen 3000 to build something for my self.

er557
Senior Member



Posts: 423
Joined: 2002-07-24

#5669419 Posted on: 05/15/2019 02:21 PM
@fantaskarsef :
Microcode updates for every intel cpu are available from microsoft, haswell included, they just released one yesterday, I have installed it, it loads before the kernel , not needing any bios or firmware update. My OS is fully mitigated now, so should be yours(1903 latest cumulative update)

Fox2232
Senior Member



Posts: 11808
Joined: 2012-07-20

#5669420 Posted on: 05/15/2019 02:22 PM
As I understand it, 8th and 9th gen Intel CPUs are not affected by these MDS vulnerabilities, as they are mitigated on a hardware level.

Ironically, 9th-generation CPUs are more vulnerable to some of our attacks compared to older generation hardware.

Sure.

18 pages « < 4 5 6 7 > »


Post New Comment
Click here to post a comment for this news story on the message forum.


Guru3D.com © 2023