Friday, 23 February 2018
Latest news
Main » Intel Reportedly Warned China Of Spectre And Meltdown Exploits Before US Government

Intel Reportedly Warned China Of Spectre And Meltdown Exploits Before US Government

30 January 2018

And over the weekend, Microsoft stepped in too, issuing a software update for Windows users that reverses the Intel-created patch.

Many Chinese companies have direct ties to the Chinese government, Walden said, which means the Chinese government may have known about the security vulnerabilities before the USA government or American companies - companies that may have been exposed to the security flaws. It is unlikely anything frightful has happened on a widespread basis because of this flaw and the playing field is now level again; however this remains a great example of how not to deal with the discovery of a major architectural flaw which continues to cause grave security concerns globally. As of January 25, there are no known reports to indicate that this Spectre variant 2 (CVE 2017-5715 ) has been used to attack customers.

Due to the severity of the flaws, Intel's decision to warn select customers in advance, leaving out the U.S. Government itself, has been met with concerns of the information being misused. "In our testing this new update has been found to prevent the behavior described", Microsoft said.

Om Prakash Rawat appointed as new Chief Election Commissioner
He also said that the Lok Sabha elections are due for next year and would be a big challenge as they need yearlong preparations. Rawat had recused himself after AAP leader and Delhi Chief Minister Arvind Kejriwal had questioned his neutrality.

In other developments related to Spectre and Meltdown, which also affect many CPUs made by ARM and AMD, The Wall Street Journal reported yesterday that Intel's initial disclosures about the vulnerabilities were made to "a small group of customers, including Chinese technology companies, but left out the US government". The chip flaw actually isn't unique to Intel chips, though-it was also found in AMD, ARM, and other chip manufacturers' products, too. Codenamed Spectre and Meltdown, the flaw being inherent to the very design the chips incorporated rules out a quick and easy solution. This is being fixed but in the meantime, Microsoft has pushed out its own Windows patch that disables Intel's prior buggy fix. On Jan. 23, the Cupertino, Calif. device maker released a security update for macOS High Sierra 10.13.3 and OS X El Capitan 10.11.6, specifically addressing the Meltdown vulnerability. (That's the type of vulnerability that applies to Spectre and Meltdown.) That's KB4073119, and it outlines PowerShell scripts to check vulnerability protections, and registry tweaks to enable or disable them.

Apple also issued updates across its various operating systems, including macOS, iOS and tvOS.

Intel spokesperson stated Google Project Zero team and other tech vendors such as Intel usually follow the best practices in the industry of responsible and coordinated disclosure.

Intel Reportedly Warned China Of Spectre And Meltdown Exploits Before US Government