AMD has been hit with significantly fewer vulnerability reports than Intel, but a handful have still surfaced. In this case, regarding the Take A Way whitepaper, AMD is claiming that “these are not new speculation-based attacks” and have not released any software updates in response.

ZDNet is reporting that they are in contact with the researchers, who claim that the attack still works on up-to-date machines. The researchers also claim that they have tested the exploit in JavaScript engines for Chrome and Firefox, as well as through a hypervisor (for virtualized environments, like cloud servers).

From our position, it’s unclear whether AMD or the researchers are correct until either AMD releases a patch, or someone releases an in-the-wild exploit. Either way, the researchers also state that the amount of data that can be exfiltrated is small. While they claim that it can work in real-world scenarios, that doesn’t mean that it will be worth doing in real-world scenarios.

Still, if it works and it can be patched, then it should be fixed.