AMD没有它......说他们的筹码是架构不同的 - 近零风险。我只能说......如果它是基于x86平台,那么它有风险。
那主要安全漏洞attributed to Intel chips might not be so Intel-specific after all. After hours of silence, Intel hasposted一个response denying some of the claims about the exploit, which is believed to revolve around identifying content in an operating system kernel’s protected memory space. The chip giant shot down reports that the issue was unique to its CPUs, noting that it’s working with AMD and ARM (not to mention multiple OS makers) to create a solution — sorry, you’re not safe because you have a Ryzen rig. It also reminded people that the performance hit of the fix would be “workload-dependent,” and shouldn’t be noticeable for the “average computer user.”
该公司还声称这不是一个缺陷,而是“软件分析方法”可能会从计算设备中获取敏感信息。英特尔添加了损坏,删除或修改数据,虽然有人采用敏感材料,但似乎没有损坏,删除或修改数据。滥用漏洞的人有“没有实例”,英特尔首席Brian Krzanich告诉CNBC.。
更新:AMD isn’t having Intel’s claims that the issue is hardware-independent. In its ownstatement,它断言架构差异意味着对AMD制造的处理器有“近零风险”。这与初始报告一起参考了来自AMD的通信,这表明其处理器并不脆弱。清楚地说,他说 - 她说争端正在进行中,在我们获得完整的故事之前可能有一段时间。您可以阅读以下完整陈述。
“Hi – There is a lot of speculation today regarding a potential security issue related to modern microprocessors and speculative execution. As we typically do when a potential security issue is identified, AMD has been working across our ecosystem to evaluate and respond to the speculative execution attack identified by a security research team to ensure our users are protected.
“To be clear, the security research team identified three variants targeting speculative execution. The threat and the response to the three variants differ by microprocessor company, and AMD is not susceptible to all three variants. Due to differences in AMD’s architecture, we believe there is a near zero risk to AMD processors at this time. We expect the security research to be published later today and will provide further updates at that time.”
Update 2:漏洞对漏洞的禁运已经提前过期,我们现在更清楚地了解它们是什么。崩溃is the one at the heart of the issue, and uses speculative execution to break the “fundamental isolation” between apps and the OS in a bid to swipe data. Spectre, meanwhile, uses a similar approach to break walls between otherwise secure apps. In fact, the safety checks of some of those apps actually make them更多的vulnerable. It’s more difficult to exploit Spectre, but it’s also more difficult to stop.
Google and Microsoft have already outlined what they’re doing.Google saysAndroid phones with the latest security update are safe, as are Google Apps, Google App Engine and smart phone devices like Google Home, Chromecast and Google WiFi. You’ll want to invoke a Site Isolation feature on Chrome or Chrome OS, however. Microsoft, meanwhile, has发布一个罕见的休假Windows安全更新以解决问题。
来源:
