As you may be aware, Microsoft has released a number of patches for all supported operating systems to protect them from Meltdown and Spectre attacks. These include Windows 7, Windows 8.1 and Windows 10. Unfortunately for AMD CPU users, those patches caused a blue screen of death (BSOD) for those who have an AMD Athlon chip. Finally, the issue is resolved. Microsoft today released a couple of fixes for AMD users.
Refer to the following article to get details:
The update packages KB4073576 and KB4073578 are intended to fix the issue.
KB4073578 is applicable to Windows 7 SP1 and Windows Server 2008 R2 SP1. The support page describes it as follows:
An update is available to fix the following issue that occurs after you install January 3, 2018—KB4056897 (Security-only update) or January 4, 2018—KB4056894 (Monthly Rollup):
AMD devices fall into an unbootable state.
KB4073576 does the same for Windows 8.1 and Windows Server 2012 R2.
Links for reference:
So, AMD users should not install previously released patches for Windows 7(KB4056897 / KB4056894) and Windows 8.1(KB4056898 / KB4056895). Instead, they should go directly with new packages to stay protected against the Meltdown and Spectre vulnerabilities.
Meltdown and Spectre vulnerabilities allow a process to read the private data of any other process, even from outside a virtual machine. This is possible due to Intel's implementation of how their CPUs prefetch data. This cannot be fixed by patching the OS only. The fix involves updating the OS kernel, as well as a CPU microcode update and possibly even a UEFI/BIOS/firmware update for some devices, to fully mitigate the exploits.
Recent research indicates that ARM64 and AMD CPUs are affected as well by the Spectre vulnerability, related to speculative execution.
Microsoft has already released a set of fixes for all supported operating systems. Mozilla has released an updated version of Firefox 57, and Google will protect Chrome users with version 64.
For the current version Google Chrome, you can enable extra protection by enabling Full Site Isolation. Site Isolation offers a second line of defense to make such vulnerabilities less likely to succeed.