AMD Hits a Snag Over Patch for Chip Flaw

FeaturesDow Jones Newswires

Days after Advanced Micro Devices Inc. suggested its chips were largely unaffected by significant vulnerabilities found in a variety of processors, the rival to Intel Corp. has run into trouble.

Microsoft Corp. on Tuesday said some customers found their AMD-powered computers were unusable after applying the latest security patches for the Windows operating system.

Continue Reading Below

On an online support page, Microsoft said it would "temporarily pause" sending updates to some devices running AMD processors. After investigating, the software giant said it found "some AMD chipsets do not conform to the documentation previously provided to Microsoft."

Intel's shares sank in the two days after the chip vulnerabilities were disclosed last week, while AMD shares are up more than 15% since Jan. 2, the day before news of the security flaws was widely disclosed. An AMD spokesman at the time said the flaws posed a "near-zero risk" to its processors. Its shares were down 3.5% in afternoon trading Tuesday.

The patch issue affects "a small subset of older processors that were sold prior to 2009," an AMD spokesman said Tuesday.

AMD and security researchers say the company's chips aren't vulnerable to the most easily exploitable -- but most easily patched -- variant of the security flaws, known as Meltdown.

Instead, the problem that is being patched by Microsoft concerns a variant of another flaw, known as Spectre. It is likely to be an increasingly important security problem in the months to come, as researchers learn more about the issue, said Paul Kocher, an independent security researcher, who was among those who discovered the Spectre vulnerabilities.

"Once the Meltdown patches are installed, I don't see any significant security difference between Intel and AMD on these issues," he said.

AMD should have done a better job documenting how software makers should develop patches for the chip maker's hardware and more clearly explained the security issues associated with their products, Mr. Kocher said. Rivals Intel and ARM Holdings have offered much more detailed documentation of these security issues, he said.

"Microsoft has access to our processor architecture documentation, which is essentially what is needed, and we have been engaged regularly in engineering meetings to assist since this was disclosed," the AMD spokesman said.

Glitches are possible any time a software update is deployed. "It wouldn't be the first time a Windows update had an issue," said Patrick Moorhead, an analyst with Moor Insights & Strategy. "But it's obviously not a positive thing."

Write to Robert McMillan at Robert.Mcmillan@wsj.com and Ted Greenwald at Ted.Greenwald@wsj.com

Days after Advanced Micro Devices Inc. suggested its chips were largely unaffected by significant vulnerabilities found in a variety of processors, the rival to Intel Corp. has run into trouble.

Microsoft Corp. on Tuesday said some customers found their AMD-powered computers were unusable after applying the latest security patches for the Windows operating system.

On an online support page, Microsoft said it would "temporarily pause" sending updates to some devices running AMD processors. After investigating, the software giant said it found "some AMD chipsets do not conform to the documentation previously provided to Microsoft."

Intel's shares sank in the two days after the chip vulnerabilities were disclosed last week, while AMD shares are up more than 15% since Jan. 2, the day before news of the security flaws was widely disclosed. An AMD spokesman at the time said the flaws posed a "near-zero risk" to its processors. Its shares were down 3.5% in afternoon trading Tuesday.

The patch issue affects "a small subset of older processors that were sold prior to 2009," an AMD spokesman said Tuesday.

AMD and security researchers say the company's chips aren't vulnerable to the most easily exploitable -- but most easily patched -- variant of the security flaws, known as Meltdown.

Instead, the problem that is being patched by Microsoft concerns a variant of another flaw, known as Spectre. It is likely to be an increasingly important security problem in the months to come, as researchers learn more about the issue, said Paul Kocher, an independent security researcher, who was among those who discovered the Spectre vulnerabilities.

"Once the Meltdown patches are installed, I don't see any significant security difference between Intel and AMD on these issues," he said.

AMD should have done a better job documenting how software makers should develop patches for the chip maker's hardware and more clearly explained the security issues associated with their products, Mr. Kocher said. Rivals Intel and ARM Holdings have offered much more detailed documentation of these security issues, he said.

"Microsoft has access to our processor architecture documentation, which is essentially what is needed, and we have been engaged regularly in engineering meetings to assist since this was disclosed," the AMD spokesman said.

Glitches are possible any time a software update is deployed. "It wouldn't be the first time a Windows update had an issue," said Patrick Moorhead, an analyst with Moor Insights & Strategy. "But it's obviously not a positive thing."

Write to Robert McMillan at Robert.Mcmillan@wsj.com and Ted Greenwald at Ted.Greenwald@wsj.com

(END) Dow Jones Newswires

January 09, 2018 15:44 ET (20:44 GMT)