Just last week Israeli security firm CTS-Labs dropped a bomb on AMD. While the Intel rival's chips weren't as affected by the Spectre and Meltdown bugs, they had serious vulnerabilities of their own.
Dubbed CHIMERA, FALLOUT, MASTERKEY, and RYZENFALL, it looked like AMD was headed for a nightmarish security scenario of its very own. Now, however, AMD has revealed that it will have patches for all four ready within a few weeks.
Not only will the updates be delivered quickly, but AMD says they won't have any impact on processor performance. That's a sharp contrast to SPECTRE and MELTDOWN, which can degrade the performance of Intel chips by anywhere from 3% to 20%.
That's all very good news for AMD users. Given how many of the company's processors are affected and the short amount of time AMD was given to investigate and respond, things could have turned out much worse.
Had AMD been allowed the industry-standard 90 days to research and respond, you would've seen far less news about the situation. The coverage you did see would've been less dramatic, and CTS-Labs' name wouldn't have featured as prominently.
Flaws like the ones revealed by CTS-Labs can take a manufacturer months to fix. Generally speaking, researchers give them plenty of time to start working on a fix before going public with their findings. Often it's as much as 90 days. These flaws were all published with just a few days' notice given to AMD.
CTS-Labs reportedly believed that the situation was so dire that the findings needed to be publicized immediately. Not everyone in the security business agreed, however.
Many experts found the revelation to be sensationalized and downplayed the severity of the bugs. Researchers at Trail of Bits stated that "there is no immediate risk of exploitation of these vulnerabilities for most users." AMD's announcement today noted that "any attacker gaining unauthorized administrative access would have a wide range of attacks at their disposal well beyond the exploits identified in this research."
