According to a blog post, AMD chips are vulnerable to 2 out of the 3 bugs reported by the Google Project Zero team, namely, Variant 1 (Bounds Check Bypass) and Variant 2 (Branch Target Injection). Their processors are not susceptible to Variant 3 (Rogue Cache Load or Meltdown), the vulnerability which put Intel in people’s bad books.
The company said they’re closely working with Microsoft to resume the paused Variant 1 security patches rollout for older processors, including Opteron, Anthlon, and Turion X2 Ultra, which left AMD-based systems unbootable. They expect to get it done by next week. Software patches for Linux systems are also available now.
Regarding Variant 2, AMD said that they believe their processor architecture would make it hard to exploit the vulnerability. They are working with partners to mitigate the threat.
The company is issuing microcode updates which in combination with updates from OS vendors will be delivered to the users via system updates.
The security patches for Ryzen and EPYC CPUs will be pushed this week which will be followed by security updates for older products in the coming weeks.