Google recently released its own fix, code-named Retpoline, for Variant 2 of the Spectre CPU attacks. This means that program instructions that tell the cache to read ahead to a different program or different part of the current program will fail, since such instructions are normally either poorly optimized code or simple malware.
On January 3, AMD chips had a near-zero risk of being affected by one variant of the Spectre vulnerability.
"While we believe that AMD's processor architectures make it hard to exploit Variant 2, we continue to work closely with the industry on this threat".
In a statement, the company suggested: "We have received reports from a few customers of higher system reboots after applying firmware updates". With regards to Variant 1 (Spectre, Bounds Check Bypass), Papermaster says that AMD processors are in fact vulnerable. "End-users should continue to apply updates recommended by their system and operating system providers".
AMD also said it is working with both Microsoft and Linux vendors on future Spectre patches for AMD systems, as well as "engaging closely with the Linux community" on Retpoline, aka "return trampoline", which is a mitigation technique developed by Google for the branch target injection attacks.
Meanwhile, AMD said it expects it expects an issue that resulted in pausing the release of some updates protecting against the first variant of the Spectre issue "to be corrected shortly".
Both Microsoft and AMD have confirmed that they will be making the Meltdown and Spectre security updates available for Windows devices with AMD chips once again starting next week. We are working quickly with these customers to understand, diagnose and address this reboot issue. AMD's processors aren't "susceptible" to Meltdown, the chipmaker wrote, "due to [the company's] use of privilege level protections within paging architecture".