Intel Facing Multiple Lawsuits Pertaining to the Two High Profile Security Flaws - Spectre and Meltdown

Intel microchips were found to be vulnerable in December 2017, and were feared to be affected by two high-profile security flaws Spectre and Meltdown. Top tech firms like Microsoft, AMD, Apple, Google, Linux among other companies using Intel chips in their products, started to send out patches to fix the security issues. The vulnerability came with a bunch of issues for some users, which created dissatisfaction and irritation amongst the lot. As a natural consequence, this annoyance was spilt in the form of lawsuits.

Intel Facing Severe Form of Multiple Lawsuits

Intel Corporation is now facing 35 lawsuits either directly or indirectly related to the Meltdown and Spectre critical vulnerabilities in its central processing unit chips, more such lawsuits may be on the way.
Disclosed in a Securities and Exchange Commission filing by Intel on Friday, the largest number of lawsuits, 30 so far, are customer class action lawsuits that generally represent users who claim to have been harmed by Intel’s actions and/or omissions in connection with the two security vulnerabilities and are seeking monetary damages and equitable relief. According to the media company Patently Apple’s reports, one of the class action lawsuits, filed by the City of Providence, is seeking $5bn from Intel.

Two of the lawsuits, also seeking class-action status, represent shareholders (who claim to represent classes of buyers of Intel's stock between 27 July 2017 and 4 January 2018) who claim that the disclosure of the vulnerabilities in statements made by Intel were false or misleading and the chip manufacturer has violated basic security norms and practices. These two lawsuits have been filed both within the United States and outside.
The remaining three lawsuits, not getting as much attention in the media, have been filed on behalf of shareholders in a California state court. They allege that Intel executives or directors failed in their responsibilities towards shareholders by delaying disclosure of the breach as well as failing to act on insider trading. The litigation is so widespread that Intel is necessarily suing itself.

Intel’s CEO dragged into Controversial Reports

The insider trading claims relate to Intel Chief Executive Officer Brian Krzanich selling millions of dollars’ worth of Intel stock after the company was aware of the vulnerabilities but before they had publicly disclosed them. Intel claimed that Krzanich was not aware of the vulnerabilities when he made the sales. However, according to Google’s report, the search giant had informed the affected companies about the Spectre and Meltdown flaws in June and July 2017, while Krzanich sold his stock in November last year.

Intel’s Quick Fix Patches Fail the Chipmaker

The chip manufacturer has been struggling to provide patches for the vulnerabilities, because both Meltdown and Spectre relate to an issue on the chips themselves, not simply the hardware running on them. An initial patch that started rolling out in December 2017, prior to the public disclosure of the vulnerabilities, was withdrawn on January 22 because of side effects from the patch, including a high number of system reboots. Since it was relying on Intel’s fix, Microsoft Corporation was also forced to issue an emergency patch on January 29 to disable Intel’s Spectre patch.

Intel began supplying fresh updates for Skylake processors last week, which will be delivered as BIOS updates from PC makers. New updates for older chips such as Broadwell and Haswell are also in progress. The company initially said reboots were limited to older chips but later admitted newer chips were also affected and advised PC makers to stop distributing its microcode updates. Researchers at Princeton and Nvidia revealed last week that they have identified new variants of Meltdown and Spectre that could require chipmakers like Intel to create new hardware mitigations in addition to current fixes. Having said this, whether more lawsuits get filed or not, Intel’s reputation is already at stake and it will take the chipmaker some time to set things on the right track.