It looks Intel will not have any respite from Spectre and Meltdown just yet. The two biggest vulnerabilities in CPUs will torment the chipmaker for far longer than it might have expected. In its annual report, Intel notified that it is facing 35 lawsuits from customers and investors over the negligent approach towards the vulnerabilities.
It remains to be seen how much would the debacle cost Intel as the lawsuits are at an early stage, but the company is confident that it will “dispute the claims“ and wishes to “defend the lawsuits vigorously“. While most of the lawsuits are class-action by nature, one shareholder alleges that this was linked to insider trading, hinting at the massive sale of stocks by Intel CEO Brian Krzanich after the discovery of the vulnerability back in June last year.
Since the announcement of these vulnerabilities last month that impact all chipsets – not just Intel’s – OEMs and software giants have been abreast, some even hasty, in providing suitable patches to fix the issue. But Intel has drawn most of the controversy as it waited six months before making an announcement about the flaws.
Exploiting how operating systems interact with chipsets, the flaws in CPU architecture allow hackers to steal users’ privileged information without their information. Furthermore, potential fixes have been seen to hit the performance of older machines significantly. Although the company has promised that it will consider these exploits while designing future chipsets, the incident has given rise to mistrust among users with Intel chips powering 90 percent of PCs across the world.
With the issue spiraling down, recent research also hints that software patches might not be the ultimate solution for flaws. Nvidia along with Princeton University researchers recently discovered modified versions of the exploits – SpectrePrime and MeltdownPrime, and this development suggests that hackers could design new variations to attack users in unexplored ways. But most importantly, the incident raises questions about ethical obligations of companies which are responsible for pretty much all infrastructure and public facilities these days.