Intel warned Chinese companies about CPU vulnerabilities before US government

William Gayde


Disclosing a security flaw is a very tricky process, since whoever receives the details first may have the opportunity to cause harm to those who don't yet know about it. With the discovery of the massive Spectre and Meltdown vulnerabilities, Intel was faced with the challenge of whom to tell and when.

Intel has been drawing criticism recently for its decision to tell Chinese companies, including Alibaba and Lenovo, before alerting the US government. No evidence has been discovered yet that the details fell into the hands of the Chinese government, but many in the security community are still concerned.

The flaws were discovered in June by Google's Project Zero security research team. Intel had planned on making the information public on January 9 but news of the flaws leaked before developers finished writing their patches.

In an interview with The Wall Street Journal, security researcher Jake Williams called it a "near certainty" that the Chinese government knew of the flaws before they were made public. Authorities in Beijing routinely monitor such communications although their foreign ministry maintains they are "resolutely opposed" to hacking.

Companies in this situation face a difficult choice between telling a small group of people to limit leaks and warning a larger group to help them develop fixes. The first option may not allow proper protections to be put in place in time, while the second increases the chance of the information falling into the wrong hands.


 
"In an interview with The Wall Street Journal, security researcher Jake Williams called it a "near certainty" that the Chinese government knew of the flaws before they were made public. Authorities in Beijing routinely monitor such communications although their foreign ministry maintains they are "resolutely opposed" to hacking."

I would think that the Justice Department would/should be looking into this one very seriously, particularly since so many DOD computers use the Intel chips ... Might be time for a serious change of management followed by a Federal level investigation ...
 
"Intel had planned on making the information public on January 9 but news of the flaws leaked before developers finished writing their patches."

If this is true, where are the patches that were almost completed?
 