Reuters is reporting that Intel did not tell the federal government, including US-CERT, about Spectre and Meltdown issues until news of the CPU vulnerability went public.
This happened in early January 2018, even though the company learned of the security risks months beforehand.
"Intel Corp did not inform U.S. cyber security officials of the so-called Meltdown and Spectre chip security flaws until they leaked to the public, six months after Alphabet Inc notified the chipmaker of the problems, according to letters sent by tech companies to lawmakers on Thursday."
Interesting.
And here's a question. If Google's parent company, Alphabet, notified Intel about the vulnerabilities six months earlier than the rest of the world, what was Intel doing all that time?
Because when news broke, Intel seemed to be caught off guard and had to race to create firmware updates, many of which turned out to be problematic in a "hurry up and secure things mode." At one point, Intel asked companies to stop implementation.
As SecureWorld reported last week, dozens of lawsuits have piled up against Intel, including some aimed at company directors and board members.
You can read the Reuters report here.
And expect more to come as the Spectre and Meltdown fallout continues.