Intel Class Action: Processor Defect Puts Entire Generation of Computers at Risk

Three plaintiffs say a design defect in Intel processors creates a significant security vulnerability in every computer that uses them.

Plaintiffs Amy Storey, Michael Inman and Dennis Chavez say a defect deep within Intel central processing units, or CPUs, creates unacceptable security vulnerabilities in their computers and other CPU-equipped devices.

The processors at issue are Intel’s x86-64x units. Plaintiffs say the defect afflicts all of these processors manufactured over at least the past 10 years. It allegedly allows everyday computer applications – and potentially malware – to get at least some information about the contents of kernel memory, which is ordinarily supposed to be protected.

Plaintiffs say the Intel processor defect was publicized in November 2017. It’s believed to affect every Intel processor made since 2004, regardless of the operating system or the brand of computer in which the processor is installed. These processors are used both in smaller computers marketed for personal use and in most of the larger, cloud-based servers used by tech giants Google, Amazon and Microsoft, the complaint reads.

The alleged defect is not easily fixed, according to this Intel class action lawsuit.

“The only way to “patch” this vulnerability requires extensive changes to the root levels of the Operating System which would dramatically reduce performance of the CPU,” the plaintiffs say.

“Alternately, assuming that consumers could obtain a suitable replacement processor, one could only replace the processor itself at considerable expense.”

A software patch to remedy the defect was announced in January 2018, but it comes with the drawback of significantly slowing down the affected computer. According to a report in The Register, an update for Linux and Windows machines was projected to cause a slowdown of five to 30 percent.

Plaintiffs claim Intel was on notice of the defect months before it was made public. In June 2017, a member of a Google security team contacted Intel about certain security problems in its processors. The next month, Intel arranged from members of three other teams of experts to meet and confer about the problems at the Black Hat cybersecurity conference.

All three plaintiffs bought computers of various brands and different operating systems, all of which suffer from the alleged defect. Storey’s Apple Mini and Inman’s Lenovo Yoga allegedly contain defective processors, as do the six computers and six phones Chavez purchased for his family.

The plaintiffs say that neither they nor the proposed Class Members would have bought the allegedly defective Intel processors had they known about this designed-in vulnerability.

Intel has already been hit with other litigation over the alleged processor defect. Two plaintiffs filed their Intel class action lawsuit in a California federal court earlier this month over the same issue, noting that it exposes millions of Intel-equipped computers to critical security vulnerabilities.

In this newest Intel class action lawsuit, the plaintiffs propose to represent a Class that would cover persons who, in New Mexico and other states to be approved by the court, purchased one or more Intel processors from Intel or its authorized retailers and either experienced or are likely to experience the alleged defect during the useful life of the processor.

They seek an award of damages, restitution, disgorgement, and injunctive and declaratory relief, reimbursement of their attorneys’ fees and costs of litigation, and any other relief the court deems warranted.

The plaintiffs’ attorney is Nicholas Koluncich of Law Offices of Nicholas Koluncich III LLC.

The Intel Defective Processor Class Action Lawsuit is Storey, et al. v. Intel Corp., Case No. 1:18-cv-00051-LF-KBM, in the U.S. District Court for the District of New Mexico.

If you purchased an Intel-based processor, computer, or server within the past six years and were negatively affected by the Intel security flaw and patch update, you may be able to join an Intel class action lawsuit investigation.