Home » News » Intel tried to buy silence of researchers that discovered MDS vulnerabilities

Intel tried to buy silence of researchers that discovered MDS vulnerabilities

One of the most resonant news of the last days is discovery of new vulnerability class on MDS (Microarchitectural Data Sampling).

It is peculiar that owners of PCs, equipped with competing with Inter AMD processors, are out of risk; producer confirmed that his product is not affected by new vulnerabilities.

Read about this in our article: Zombieload and company: researcher discovered new class of vulnerabilities in Intel processors

Concerning Intel, it seems like experts were mistaken when thought that after story with Meltdown and Spectre vulnerabilities they cannot be surprised. New scandal continues to gain momentum and recently was investigated that Intel allegedly tried to get more time and buy silence of researchers from Amsterdam Free University that found new vulnerabilities in Intel processors.

“Intel offered to pay the researchers a $40,000 “reward” to allegedly get them to downplay the severity of the vulnerability, and backed their offer with an additional $80,000. The team politely refused both offers”, — Dutch publication Nieuwe Rotterdamsche Courant reports.

The case is obligatory condition of remuneration payments in Intel is signing standard non-disclosure agreement on confidential information. So, if proposition is accepted, researchers oblige to be silent about vulnerabilities and discussing this top-secret information with the narrow circle of authorized employees.

In Intel explain such approach by the necessity of allocating time on investigation of issues and development of respective patches while disclosing of data prior to these interventions increases risk that attackers will use gaps before than they will be closed.

Researchers allegedly were not satisfied by this variant and they decided to refuse from reward to be able to share information about vulnerabilities and related risks with the public.

READ  Microsoft IE11 vulnerability is more dangerous than it seemed as browser Edge is also sensitive to it

And here it all fits: updates of processors’ microcodes and relevant patches from vulnerabilities for different software just started to deploy for susceptible devices to a new class.

Source: https://www.techpowerup.com

[Total: 0    Average: 0/5]

About Trojan Killer

Carry Trojan Killer Portable on your memory stick. Be sure that you’re able to help your PC resist any cyber threats wherever you go.

Check Also

muddywater-apt-group-upgrading-tactics-to-avoid-detection

Researchers told about new instruments of MuddyWater cybercriminal group

Specializing on espionage Muddywater group, also known as SeedWorm and TEMP.Zagros, included in its set …

angelina jolie hackers

Mysterious woman-hacker published exploit for increasing vulnerability of rights increase in Windows 10

On GitHub published PoC-code for vulnerability of privileges increase in Windows 10 that affects Windows …

Leave a Reply