Google issues statement about CPU vulnerability, says it discovered the flaws ‘last year’

Google’s Project Zero team has since worked to mitigate risks

Comments

  • Will Maitner

    Hahaha, because Google knows everything..

  • FTR_Part_deux

    Wait, what? Google knew of something for a year and didn’t let its users know? But Google is such an angel of a company?

    Google users will find a way to defend them…

    • Tom

      Well to be fair, Google gets condemned for telling people about them too.

    • demigod79

      Why would Google let their users know about these exploits? When you discover a security hole, the last thing you want to do is let the public know about it – this will only make it easier for hackers to take advantage of these exploits. Google kept this secret from the public but informed OS vendors about this issue, which is the right thing to do – the patches that are rolling out now have been in the works since last year.

    • It’s Me

      Googles policy has been to publicize vulns after a short period of time, I think 90 days usually. The exception appears to be when the vuln affects their products and services, in which case they may never disclose.

    • Smanny

      They do tell companies first. But for example Google told Microsoft about some really bad vulnerabilities back in November 2016, and nothing was done about it. So Google then decided to tell the public in order to shame Microsoft into making some changes or fixes.

    • It’s Me

      That is correct. And to repeat, the exception is when the vulnerability affects their own products. Then they suddenly are ok with not shaming anyone and keeping things under wraps and secret.

    • Zomby2D

      You do realize that “last year” could literally mean 5 days ago right?

  • Brad Moriarity

    considering “last year” in the context of this press release could literally mean 4 days ago, so what…

    • Captain H. Morgan

      LOL it is still last year.