Reuters reports that Intel has informed Rep. Greg Walden, an Oregon Republican and chairman of the House Energy and Commerce Committee, that they did not inform U.S. security officials about the “Meltdown” and “Spectre” CPU bugs until they were known to the public, nearly six months after Alphabet informed Intel about the bugs. On Thursday, Walden published a letter he received from the CPU manufacturer which reveals that they did not inform the United States Computer Emergency Readiness Team (US-CERT) about the Meltdown and Spectre CPU bugs until January 3.
Intel stated that it was common practice for companies to keep security flaws private until they had a chance to collaborate on a fix for the issue with other tech firms. Alphabet claims that they informed CPU manufacturers Intel, Advanced Micro Devices, and ARM Holdings of the security flaws in June and gave them 90 days to fix the issue before disclosing them publicly. Alphabet stated that they left it up to Intel to inform government organizations of the security flaw. In the letter, Greg Pearson, Intel’s vice president in charge of the company’s public affairs, argued that there was “no indication that any of these vulnerabilities had been exploited by malicious actors,” so Intel did not need to inform US-CERT about the bug. --
More...
