AMI Statement in Response to “Meltdown” and “Spectre” Security Vulnerabilities

Share This Press Release

Share on linkedin
Share on facebook
Share on twitter
Share on email

NORCROSS, GEORGIA, USA – AMI, a global leader in BIOS and UEFI firmware, server and remote management tools, data storage products and unique solutions based on the Linux® and Android™ operating systems, today released a statement in response to recent news of the security vulnerabilities known as Meltdown and Spectre.

In short, AMI would like to reassure its valued partners, OEM and ODM customers and end users of AMI products that it continues to closely monitor the details of both the Meltdown and Spectre security vulnerabilities as they emerge. Naturally, AMI exercises the utmost vigilance with respect to security vulnerabilities and makes every effort to be proactive about security advisories from the moment details are disclosed.

Most importantly, AMI is pleased to state that we have reviewed these security issues in detail and determined that Aptio®, our flagship UEFI BIOS Firmware, is not affected or compromised by either of these vulnerabilities in any way. AMI recommends that systems vulnerable to Meltdown and Spectre security vulnerabilities apply all appropriate operating system security patches, which can be obtained directly from the operating system vendor.

However, AMI would also like to point out that for certain Intel® based products, mitigation of the Spectre CPU security vulnerability involves the application of a CPU microcode patch from Intel Corporation, along with any security patches obtained from the operating system vendor. Interested parties can rest assured that AMI is working closely with Intel to obtain all relevant CPU microcode patch updates. As a matter of course, AMI will provide these Intel CPU microcode patch updates to AMI OEM and ODM customers as soon as they become available from Intel.

Subramonian Shankar, President, Founder and CEO of AMI, offered the following comments on the company’s recent activities and stance regarding these two security issues:

“Over the years, AMI has come up with what we believe to be a robust security framework, which allows us to keep tabs on the security vulnerabilities that are relevant to AMI products, so we can take immediate action. AMI has been working on various mechanisms to simplify this entire process of creating and applying security fixes and patches to mitigate vulnerabilities. Additionally, we work closely with key industry partners on fixes, which AMI then distributes to our customers. Keeping in close coordination with our partners also makes it easy for AMI customers to apply the fixes that we have developed.

“From our perspective, we don’t see the threat of security issues like Meltdown and Spectre going away in the future. Therefore, it is imperative that we work closely with Intel, AMD, Arm®-based silicon providers and others to continue to address them. We see ourselves as a partner with silicon manufacturers in many technical and strategic initiatives over the course of many years and we will continue to do so, to address security vulnerabilities in a timely, coordinated and effective manner.

As such, it is important to AMI to continue working closely with all silicon providers on this issue now and in the future. From our perspective, this incident shows the complexity of the security paradigm in our industry, which requires the industry to work in close cooperation so that we can address these security issues collectively with the best possible response.”

AMI will continue to monitor the security situation around Meltdown and Spectre closely as it evolves and make the public, as well as our valued partners, OEM and ODM customers and end users of AMI products, aware of any additional details that may emerge.

Intel® is a registered trademark of Intel Corporation in the US and other countries. Arm is a registered trademark of Arm Limited (or its subsidiaries) in the US and/or elsewhere.

About AMI

AMI provides industry-leading enterprise and open-source foundational technology and security solutions so the world’s compute platforms Power Up, Stay On, and Run Secure - from on-premises to the cloud to the edge, each time, every time. AMI is a crucial provider to the Open Compute ecosystem and is a member of numerous industry associations and standards groups, such as the Unified EFI Forum (UEFI), PICMG, National Institute of Standards and Technology (NIST), National Cybersecurity Excellence Partnership (NCEP), and the Trusted Computing Group (TCG). Founded in 1985 and headquartered in Duluth, Georgia, AMI has locations in the U.S., China, Germany, Hong Kong, India, Japan, Korea and Taiwan to better serve its global customers. For more information, visit or follow us on LinkedIn and Twitter @AMI_PR.

Statement of Liability: © 2021 AMI Product specifications are subject to change without notice. Products mentioned may be trademarks or registered trademarks of their respective companies. All rights reserved. No warranties are made, either express or implied, with regard to the contents of this work, its merchantability or fitness for a particular use. This publication contains proprietary information, which is protected by copyright. AMI reserves the right to update, change and/or modify this product at anytime.

More To Explore

Tech Blog

Platform Security Starts at the Root of Trust

A Guide to Implementing HRoT with NIST PFR Guidelines Data breaches are increasingly costly as the sophistication and funding (in some instances, state-sponsored) of the hackers

Want to learn more?

drop us a line and keep in touch