AMD has fixed its latest security flaw - but at the cost of massive slowdowns

AMD Zen 4 Ryzen 7000 Raphael
Ryzen 7000 (Image credit: AMD)

AMD has been rolling out updates to its Zen processors to mitigate the inception vulnerability that was discovered recently. However, it appears that there's catch.

The Linux website Phoronix has been benchmarking the CPUs post update and the results are not good news for performance: in some cases, tasks were 54% slower than those run on unpatched chips.

Some apps, such as 7zip, Blender, and Firefox, didn't take too much of a hit, although 7Zip performed the worst out of the three. However, industry-grade software appeared to suffer much more.

Performance hits

For instance, database app MariaDB performed much worse on patched Epyc server processors. Other applications related to code compilation, engineering, and image processing were also similarly impacted.

AMD has been patching its affected chips in three different ways: some have kernel-based mitigation, some have new microcode, and others have Indirect Branch Prediction Barrier (IBPB) mitigation applied. The latter is considered the most secure fix, but also most often responsible for the worst slowdowns. 

This isn't the first time a major CPU flaw has caused problems. Intel had the infamous Meltdown/ Spectre flaws in many of its processors - and AMD was affected partially too - which let threat actors read system memory and gain valuable information, such as passwords and encryption keys.

In trying to fix the problem with a firmware patch, Intel unwittingly made systems borderline unusable, causing spontaneous reboots and instability issues. It then issued a directive to all involved in the supply chain of its chips, including end-users, not to download the patch.

More recently, both CPU titans were found to have another security problem in their respective products, similar to Meltdown and Spectre, called Retbleed, which let abusers access kernel memory. Again, fixing this issue means inevitably slowing down the chips' performance.

Lewis Maddison
Staff Writer

Lewis Maddison is a Staff Writer at TechRadar Pro. His area of expertise is online security and protection, which includes tools and software such as password managers. 

His coverage also focuses on the usage habits of technology in both personal and professional settings - particularly its relation to social and cultural issues - and revels in uncovering stories that might not otherwise see the light of day.

He has a BA in Philosophy from the University of London, with a year spent studying abroad in the sunny climes of Malta.