Yes to the bounds check violation version, so far no to the BTB poisoning version. The bounds check version only works inside a single process, so is only relevant when you run untrusted code within the same process as some private data (such as JS in a web browser).

AMD claims that they believe that the way their branch predictor works effectively makes the BTB poisoning unusable, but there is no actual proof, and their statement regarding it was much more wishy-washy than they were with meltdown. (Which they specifically state they are completely immune to.)

Regarding branch predictor spoiling, if AMD doesn't update the branch predictor based off evaluation of branches the occurred along a speculative path, then the Spectre exploit (from my understanding that it trains the branch predictor using speculative code) won't be able to work.

Pretty much every fast CPU is vulnerable to some subset of Spectre.

Correct, and so are Samsung and Qualcomm CPU’s, according to the original paper: https://spectreattack.com/spectre.pdf