Intel alerted select corporations about Meltdown/Spectre, China speculated to have known about it before the US
Intel has been hit hard by the recent Meltdown and Spectre vulnerabilities both literally and figuratively. The company has been trying hard to ensure that fixes roll out to all affected CPUs, although, it did run into stumbling blocks. Now, a new report by The Wall Street Journal says that Intel initially disclosed the vulnerabilities to select US corporations such as Microsoft and Amazon and also to foreign companies such as the UK-based ARM Holdings and Chinese companies Lenovo and Alibaba.
The report is speculating that communications between Intel and the Chinese companies could have been intercepted by the Chinese Government as such communications are closely monitored by the authorities, therefore, they might have had knowledge of these vulnerabilities much before the US Government could even know what's going on. Alibaba, however, refuted such claims and said that it did not share any such information with the Chinese authorities.
Meanwhile, the Department of Homeland Security said that it was not informed of the security disclosure, as is normally the case. Apparently, even the NSA wasn't privy to this information.
It could be that Intel wanted to disclose the vulnerabilities to its largest customers so that they can prepare and test large scale mitigation strategies. An Intel spokesperson said that they could not inform the US Government as the vulnerabilities were revealed earlier than expected. The company's disclosure policies are being questioned both by Congress as well as the public and several lawsuits have already been filed in Oregon, Indiana, and California questioning Intel's failure to disclose this information in a timely manner.
Source(s)
The Wall Street Journal (Paywall) via Neowin