Amid Growing Lawsuits, Intel Warns Of Problems In Processor Exploit Patch

As a growing number of lawsuits continue to be filed against Intel Corporation over patches meant to fix long-existing security flaws in nearly all of its processors, the company is now admitting that the patches themselves may be flawed, and is calling on customers to stop installing them. 

The warning has led Microsoft step in with its own fix, releasing a patch to fix Intel’s patch, which was originally meant to address two cybersecurity flaws known as “Spectre” and “Meltdown”, but ended up causing even more problems.

On January 2, a “patch” released for Intel processors was found to slow down consumers’ computers and other electronic devices. This programming fix was intended to close an Intel processor security gap, which could allow hackers to access a user’s personal information.

These two exploits are known as “Meltdown”, which allows access to things like passwords and other information by cutting between an operating system and an application; and “Spectre”, which causes applications to leak information between programs that are usually isolated from one another, making data easier to steal.

Both exploits are believed to be accessible in every Intel chip made, and could put most people’s private data at risk. Some experts estimate that almost every CPU manufactured in the last 10 to 20 years may be affected.

In an effort to fix these Intel chip problems, a number of companies have released automatic “updates” to computers, servers, cell phones and operating systems. However, these updates appear to cause the processing chips, the brains of computerized devices, to slow down anywhere from five to 30 percent.

On January 22, Intel issued a press release recommending that operators and owners of its systems stop installing the patch, indicating that it has been linked to unexpected reboots “and other unpredictable system behavior.”

Then, on January 26, Microsoft stepped in, announcing that the patch also appeared to cause data loss or corruption, and released its own update for certain versions of Windows 7, Windows 8.1 and all versions of Windows 10 that specifically blocks the Intel patch. The press release directs consumers on how to get the Windows update, and on how to manually disable and mitigate the problems that lead to the Spectre exploit.

Since news of the exploits and the patches began to spread, at least five Intel chip lawsuits have been filed in U.S. District Courts nationwide, alleging the company has violated warranty laws and state deceptive trade practice laws. That number is expected to increase significantly in the coming weeks and months.

On January 8, a group of plaintiffs filed a motion to transfer with the Judicial Panel On Multidistrict Litigation (JPML), calling for all Intel processor security flaw lawsuits to be centralized before one judge in the Northern District of California, where Intel is headquartered, for pretrial proceedings.

The motion also states that consolidation would prevent duplicative discovery and conflicting pretrial rulings by different judges.

If the JPML agrees to consolidate the cases into a multidistrict litigation (MDL), all pretrial proceedings would be handled by one judge, but the cases would remain individual lawsuits. If a settlement agreement is not reached, the cases would be transferred back to their originating districts for trial.