Today is April's Patch Tuesday for Microsoft operating systems, and AMD CPU owners will want to fire up Windows Update as soon as possible. This round of patching includes operating-system-level mitigations for Spectre Variant 2, also known as CVE-2017-5715, on at least some AMD processors running Windows 10. The update exposes control over the Indirect Branch Prediction Barrier, or IBPB, within AMD CPUs that support the feature. According to AMD's latest security white paper, using the IBPB is the company's recommended mitigation for Spectre Variant 2.
While its CPUs do support other methods of controlling the behavior of the branch predictor in response to past predictions (a special bit indicating Indirect Branch Restricted Speculation, or IBRS) and in response to sibling threads on a processor (a bit indicating Single Thread Indirect Branch Predictor, or STIBP), AMD does not recommend employing those methods as "performant" mitigations against Spectre.
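To check which of these controls a given AMD processor advertises, the following added example (not from this article or from AMD) decodes the IBPB, IBRS and STIBP feature bits from CPUID Fn8000_0008 EBX. The bit positions come from AMD's indirect branch control documentation rather than from this article, and the struct and function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#endif

/* Feature bits in CPUID Fn8000_0008 EBX on AMD processors.
 * Intel reports its equivalents in a different leaf, so these
 * bits are not meaningful on Intel CPUs. */
#define AMD_IBPB_BIT  12u
#define AMD_IBRS_BIT  14u
#define AMD_STIBP_BIT 15u

struct branch_ctl { int ibpb; int ibrs; int stibp; }; /* hypothetical name */

/* Pure decoder, so it can be exercised with constructed EBX values. */
struct branch_ctl decode_branch_ctl(uint32_t ebx)
{
    struct branch_ctl f;
    f.ibpb  = (int)((ebx >> AMD_IBPB_BIT) & 1u);
    f.ibrs  = (int)((ebx >> AMD_IBRS_BIT) & 1u);
    f.stibp = (int)((ebx >> AMD_STIBP_BIT) & 1u);
    return f;
}

/* Returns 1 and fills *ebx when the leaf exists, 0 otherwise
 * (non-x86 build, or a CPU whose maximum extended leaf is lower). */
int read_leaf_80000008_ebx(uint32_t *ebx)
{
#if defined(__x86_64__) || defined(__i386__)
    unsigned int a = 0, b = 0, c = 0, d = 0;
    if (!__get_cpuid(0x80000008u, &a, &b, &c, &d))
        return 0;
    *ebx = b;
    return 1;
#else
    (void)ebx;
    return 0;
#endif
}

int main(void)
{
    uint32_t ebx = 0;
    if (!read_leaf_80000008_ebx(&ebx)) {
        puts("CPUID leaf 0x80000008 is not available here");
        return 1;
    }
    struct branch_ctl f = decode_branch_ctl(ebx);
    printf("IBPB=%d IBRS=%d STIBP=%d\n", f.ibpb, f.ibrs, f.stibp);
    return 0;
}
```

The result reflects what the processor advertises with its currently loaded microcode, and a hypervisor may mask these bits from a guest. A set IBPB bit shows hardware support only; whether the operating system uses it is a separate check.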
Despite the update for AMD's CPUs, today's Patch Tuesday doesn't mark broader availability of Intel microcode updates through Microsoft's update catalog. The list of Intel CPUs with Spectre microcode updates available through Microsoft remains the same as it has been for the past few weeks. Users with CPUs older than Skylake still need to hope for OEM or motherboard firmware updates. Whether that's a side effect of Microsoft's support policy for Windows 10 or some broader clog in the pipe for older CPUs remains to be seen, but as a user of a Haswell desktop, I remain hopeful that microcode for my system will eventually be made available—somehow.