News Intel, Nvidia, Microsoft Vulnerable to Critical Java Exploit. AMD Unaffected

[Admin]

A Java vulnerability present on the popular Apache server package has rendered several Intel, Nvidia and Microsoft products vulnerable to an exploit that allows remote code execution, while AMD seemingly skirts this issue.

Intel, Nvidia, Microsoft Vulnerable to Critical Java Exploit. AMD Unaffected : Read more

 

[hotaru.hino]

Spectre and Meltdown days dejá-vu?

I find this subtitle disingenious because the exploit concerns software vulnerabilities, not hardware flaws.

 

[USAFRet]

I find this subtitle disingenious because the exploit concerns software vulnerabilities, not hardware flaws.

And even then, AMD is subject to the same Meltdown/Spectre things.
https://www.extremetech.com/computi...s-found-harboring-meltdown-like-security-flaw
https://arstechnica.com/gadgets/202...ain-sends-intel-and-amd-scrambling-for-a-fix/

 

[dispersive.logic]

As the other commenters have pointed out, this article's title is total clickbait. Log4j is a software library that is used by virtually all Java applications whereas Meltdown, Spectre, etc are hardware vulnerabilities. It's not even apples-to-oranges, it's totally unrelated.

 

[HyperMatrix]

As others have said....Article title is intentionally misleading clickbait.

 

[hushnecampus]

Shameful journalism. Title makes it sounds like people with AMD CPUs would be unaffected by log4shell, which is of course nonsense.

 

[rluker5]

AMD's software is probably just too messed up to test. Can't exploit it if it crashes first.

 

[Alex/AT]

And even then, AMD is subject to the same Meltdown/Spectre things.

Spectre variants yes, part of, but well, they are not even x86-specific. Meltdown no, purely Intel thing resulting from lack of privilege checks inside speculative path. L1TF is the same, purely Intel thing.
There was a lot of "AMD Meltdown" <Mod Edit> from the very start to try to keep Intel marketing up, but it all basically boiled down to some 'minor spectre variant's that work only in lab and under very specific (if not requiring complex setup) conditions.
Meltdown and L1TF on the other hand were found easily and perfectly exploitable on almost any normal susceptible system, under most OS and hypervisors, under normal 'parallel load' execution conditions where exploit is not the only major process running.

 

[Endymio]

As others have said....Article title is intentionally misleading clickbait.

Given some of the other factual inaccuracies in recent articles, I'm inclined to believe it's more an error of understanding, rather than an intentional act.