In response to the massive Spectre and Meltdown vulnerabilities exposed last week, Intel is reaffirming its commitment to security. The company’s CEO Brian Krzanich today published an open letter outlining Intel’s continued focus on security…
In the letter, Krzanich first highlights the collaboration between Intel and its partners when it came to patching the vulnerabilities. “The degree of collaboration across the industry has been remarkable. I am very proud of how our industry has pulled together and want to thank everyone for their extraordinary collaboration,” he writes.
The meat of Krzanich’s letter, however, relates to Intel’s “commitments to our customers” with 3 clear pledges.
First off, Krzanich says Intel has operated and will continue to operate with “customer-first urgency.” The company has issued updates for “90 percent of Intel CPUs introduced in the past years,” while updates will continue rolling out for the remainder of the affected CPUs through the end of January.
Furthermore, Krzanich says Intel is learning a “great deal” as it rolls out software and firmware patches. He says the company will “provide frequent progress reports of patch progress, performance data and other information.”
Lastly, the Intel CEO reaffirms the company’s broader committment to user security, calling it an “ongoing priority, not a one-time event.”
Ongoing Security Assurance: Our customers’ security is an ongoing priority, not a one-time event. To accelerate the security of the entire industry, we commit to publicly identify significant security vulnerabilities following rules of responsible disclosure and, further, we commit to working with the industry to share hardware innovations that will accelerate industry-level progress in dealing with side-channel attacks.
We also commit to adding incremental funding for academic and independent research into potential security threats.
Intel’s Meltdown and Spectre security flaws were originally reported on last week and the company quickly confirmed the issues and said it was working with its partners to rollout fixes to users. Apple, for its part, patched the majority of the holes in iOS 11.2, macOS 10.13.2, and tvOS 11.2, with additional updates this week bringing further improvements.
More on Spectre & Meltdown: