Intel: Facing 32 lawsuits over Meltdown & Spectre CPU vulnerabilities. The number of class-action lawsuits been filed against Intel over Meltdown & Spectre have grown tenfold over the previous month. The company reveals through a filing (PDF) with the US Securities & Exchange Commission that it faces 30 customer class-action lawsuits and 2 securities class-action lawsuits related to the recently disclosed CPU vulnerabilities.
In this filing, Intel said the consumer lawsuits “generally claim to have been harmed by Intel’s actions and/or omissions in connection with the security vulnerabilities” and seek monetary damages & equitable relief.
The securities class-action lawsuits does allege violations of securities laws by making statements about Intel’s products & internal controls revealed to be false or misleading by the disclosure of Meltdown & Spectre.
Intel has also noted that it disputes the claims from all 32 lawsuits & intends to defend against them vigorously.
However, the company was unable or not willing to estimate the kind of financial hit that might arise from the growing pile of lawsuits.
According to Intel, given the procedural posture alongside the nature of these cases, including that the proceedings are in early stages, that alleged damages haven’t been specified, that uncertainty does exist as to the likelihood of a class or classes being certified or the ultimate size of any class or classes in case certified, and there are significant factual & legal issues to be resolved, we’re unable to make a reasonable estimate of potential loss or range of losses, if any, that may arise from these matters.
The lawsuits started trickling in last month, with 3 class-action suits filed at the outset. Since then, the spigots have opened & it is anyone’s guess how many more might be filed in the weeks & months ahead.
One of the lawsuits that were examined last month alleges that Intel was aware of a material defect in its microchips that leaves its customers susceptible to unauthorized access by the hackers.
The material defect lets the hackers compromise the privileged memory of the company’s processors through exploiting the way processes run in parallel.
The material defect also lets the hackers utilise code running in a browser to access memory in attacker’s process, potentially exposing customers’ passwords & personal information.
In that particular suit Plaintiffs also took issue with subsequent patches that were designed to mitigate Spectre & Meltdown, as once applied to devices they suffer reduced performance.