You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Every Friday
GamesRadar+
Your weekly update on everything you could ever want to know about the games you already love, games we know you're going to love in the near future, and tales from the communities that surround them.
Every Thursday
GTA 6 O'clock
Our special GTA 6 newsletter, with breaking news, insider info, and rumor analysis from the award-winning GTA 6 O'clock experts.
Every Friday
Knowledge
From the creators of Edge: A weekly videogame industry newsletter with analysis from expert writers, guidance from professionals, and insight into what's on the horizon.
Every Thursday
The Setup
Hardware nerds unite, sign up to our free tech newsletter for a weekly digest of the hottest new tech, the latest gadgets on the test bench, and much more.
Every Wednesday
Switch 2 Spotlight
Sign up to our new Switch 2 newsletter, where we bring you the latest talking points on Nintendo's new console each week, bring you up to date on the news, and recommend what games to play.
Every Saturday
The Watchlist
Subscribe for a weekly digest of the movie and TV news that matters, direct to your inbox. From first-look trailers, interviews, reviews and explainers, we've got you covered.
Once a month
SFX
Get sneak previews, exclusive competitions and details of special events each month!
AMD's Zen 3 CPU architecture may, according to AMD itself, include a feature that could be exploited by hackers in a Spectre-like side channel attack.
Best wireless gaming mouse: ideal cable-free rodents
Best wireless gaming keyboard: no wires, no worries
Best wireless gaming headset: top untethered audio
In the case that a misprediction occurs, software like web browsers that utilise 'sandboxing' could leave your CPU vulnerable to side channel attacks. Just for a few ticks, but that's all it takes.
Sandboxing (isolation) is actually designed to prevent threats by putting suspicious code on the naughty step, while questioning its motives. But similarly to the Spectre vulnerabilities we've reported on previously, potential changes to the cache state in such instances could result in chunks of your personal data becoming accessible to hackers.
Web browsers don't tend to rely on isolation processes as much nowadays, due to Spectre and Meltdown vulnerabilities, but there are still risks which AMD outlines forthrightly. A publicly available paper from AMD has this to say under the security analysis header:
"A security concern arises if code exists that implements some kind of security control which can be bypassed when the CPU speculates incorrectly. This may occur if a program (such as a web browser) hosts pieces of untrusted code and the untrusted code is able to influence how the CPU speculates in other regions in a way that results in data leakage.
"If an attacker is able to run code within a target application, they may be able to influence speculation on other loads within the same application by purposely training the PSF predictor with malicious information."
There is a way to stay safe against the features possible vulnerabilities though—just turn PSF off.
AMD doesn't recommend this as an option, as it has the potential to stunt performance. Meltdown and Spectre mitigations in Intel CPUs had also led to similar performance limitations in some cases.
Surprisingly though, tests show (via Phronix) CPU performance only takes a one percent hit with the feature turned off.
If you're concerned, switching it off may be the best option for now then.
A short-term fix for those currently affected could come in the form of a firmware update, while a more long-term solution will likely have to come in the form of a change to the architecture itself. With previous exploits such as this we've seen most of the concern coming from major server providers, who will not want to leave a security hole unpatched.
