Intel reportedly warned OEMs about Meltdown and Spectre flaws on 29 November
CHIPMAKER Intel reportedly warned OEMs about the Meltdown and Spectre CPU flaws on the same day that the firm’s CEO sold half of his shares in the company.
That’s according to French publication LeMagIT, which claims to have obtained a secret memo sent that Intel OEM customers on 29 November under a confidentiality and non-disclosure agreement.
This date is almost six months before Google warned the chipmaker about the vulns affecting its CPUs on 1 June. Perhaps more concerning, it’s also the same day that the firm’s CEO flogged shares in his company, making almost $11m in the process.
Intel has long denied any dodgy business, though, saying Krzanich’s decision to sell his stock was part of a standard plan that had been organized in October.
„Intel PSIRT often releases Technical Advisories such as this one to inform customers that they may be affected by security issues. The subject matter of these advisories can include unmitigated vulnerabilities or security issues that might affect multiple parties,“ the first page of the 11-page technical document, which confirms the reported 29 November date, reads.
„In order to maintain confidentiality, such communications are provided under CNDA. Intel may publish the issue externally according to the below disclosure plan.“
Intel goes on to stress that OEMs need to keep quiet about the flaws, saying that they should „encrypt any sensitive details using our PGP key“.
The flaws would be publicly disclosed in a security advisory on 9 January, Intel said in its memo, failing to predict that The Register would beat the company to it, disclosing the flaws on 2 January. The website claims it wasn’t aware of embargo the tech firms had placed on Meltdown and Spectre.
As noted by LeMagIT, despite allegedly notifying customers and partners at the end of November, Intel at this time continued to market the affected processors as if nothing had happened and „will likely continue to market vulnerable processors for the next year or more.“
This latest revelation will no doubt lead to more questioning for Intel, which this week was pressed by US lawmakers to explain its silence over the so-called embargo placed on the two security flaws µ
