15 november 2019
The chip maker patched several problems in May. Now it is issuing another fix, and researchers say the company hasn’t been straight about its issues.
Last May, when Intel released a patch for a group of security vulnerabilities researchers had found in the company’s computer processors, Intel implied that all the problems were solved.
But that wasn’t entirely true, according to Dutch researchers at Vrije Universiteit Amsterdam who discovered the vulnerabilities and first reported them to the tech giant in September 2018. The software patch meant to fix the processor problem addressed only some of the issues the researchers had found.
It would be another six months before a second patch, publicly disclosed by the company on Tuesday, would fix all of the vulnerabilities Intel indicated were fixed in May, the researchers said in a recent interview.
The public message from Intel was “everything is fixed,” said Cristiano Giuffrida, a professor of computer science at Vrije Universiteit Amsterdam and one of the researchers who reported the vulnerabilities. “And we knew that was not accurate.”