Intel confirms being sued for $5 billion over Spectre and Meltdown

The company confirms being sued by the City of Providence with a demand of $5 billion in damages.

Update: 2018-02-19 13:15 GMT
Earlier Intel had denied the claim saying that any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.â€

Intel was reportedly hit with 32 class-action lawsuits over the major processor vulnerabilities, the company confirmed on February 16. One of the Class Actions over Intel was filed by City of Providence demanding $5 Billion.

Intel said “30 customer class-action lawsuits and two securities-class action lawsuits have been filed. The customer class-action plaintiffs, who purport to represent various classes of end users of our products, generally claim to have been harmed by Intel's actions and/or omissions in connection with the security vulnerabilities and assert a variety of common law and statutory claims seeking monetary damages and equitable relief. The securities class action plaintiffs, who purport to represent classes of acquirers of Intel stock between July 27, 2017 and January 4, 2018, generally allege that Intel and certain officers violated securities laws by making statements about Intel's products and internal controls that were revealed to be false or misleading by the disclosure of the security vulnerabilities.”

“Security vulnerabilities may exist with respect to our processors and other products as well as the operating systems and workloads running on them. Mitigation techniques designed to address these security vulnerabilities, including software and firmware updates or other preventative measures, may not operate as intended or effectively resolve these vulnerabilities,” Intel further stated.

The company later confessed that "A side-channel exploit is a type of security vulnerability that has recently received attention as a result of the variants referred to as "Spectre" and "Meltdown." Information on these variants was prematurely reported publicly before mitigation techniques to address all vulnerabilities were made widely available, and certain of the mitigation techniques did not operate as intended."

“Intel's microprocessor chips are defective because they possess significant security vulnerabilities that, if exploited, permit an adversary to access sensitive data stored elsewhere on the machine or in the cloud,” the complaint stated.
Researchers had discovered two major CPU bugs, called Spectre and Meltdown, which was reported early this year. The Meltdown flaw is said to be specific to Intel chips only and it strikes at the heart of how CPUs process information.

Earlier Intel had denied the claim saying that “any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.”

Furthermore, Intel isn’t the only chipmaker affected by the Spectre flaw. It is widespread and not known how serious the problem might be in the long-term.

Tags:    

Similar News