Intel did not inform US before chip flaws were made public Published duration 26 February 2018

image copyright Intel image caption Intel did not disclose Spectre and Meltdown security flaws to US lawmakers before the information was leaked to the press

Computer-chip-maker Intel did not inform US cyber-security officials about the Spectre and Meltdown security flaws before details leaked to the press, it has been revealed.

Details were first leaked to technology news site The Register on 2 January.

The flaws were discovered by Google Project Zero's security researchers.

In response to questions posed by Republican congressman Greg Walden, who chairs the House Energy and Commerce Committee, Google owner Alphabet said it had informed Intel, AMD and ARM about the chip flaws in June 2017.

The three semiconductor manufacturers were given 90 days to fix the flaws before disclosing the bugs to the public.

Alphabet said it had left it up to the companies to decide whether they should inform government officials about the security flaws, as per standard practice.

Intel declined to comment. However, the company's letter to Mr Walden offers more details about what happened.

It says that Google Project Zero chose to extend the 90-day timeframe to 9 January 2018, and that Intel had to agree to keep the information confidential until that date.