Intel customers and shareholders are angry about Meltdown and Spectre—angry enough that a total of 32 suits have been filed against the company regarding the two vulnerabilities.
In its annual report, filed Friday, Intel disclosed that 30 customer class-action suits have been filed against the company, plus two additional class-action suits by shareholders. Those suits have been filed both within the United States and abroad. Given a host of uncertainties—how the cases are proceeding, whether damages have been claimed, and the uncertainty of whether the suits will succeed—Intel said it was not estimating potential losses as a result of the litigation.
The two shareholder suits also allege that Intel and its company officers violated securities laws “by making statements about Intel’s products and internal controls that were revealed to be false or misleading by the disclosure of the security vulnerabilities.”
The litigation is so widespread that Intel is essentially suing itself. In January, Intel said, three defendants filed what is called a shareholder derivative action against certain members of Intel’s board and certain directors, on behalf of Intel as a whole.
In the filing, Intel reiterated earlier claims that the company had been notified of the Spectre and Meltdown vulnerabilities in June 2017 by a team of Google researchers. News of the Spectre and Meltdown vulnerabilities broke on January 3, before software and firmware updates to address the vulnerabilities were made widely available, Intel said.
What this means to you: While the litigation itself might not affect you, two things could happen: If the class-action succeeds, a court could order Intel to pay compensation to end customers—like you—who have bought PCs using Intel microprocessors or the individual microprocessors themselves. Second, by widening Intel’s bug bounty to include the sort of side-channel exploits that gave the world Spectre and Meltdown, Intel has been forced to beef up its own internal security controls.