Coordinated Vulnerability Disclosure
Intel is committed to rapidly addressing security vulnerabilities affecting our customers and providing clear guidance on the solution, impact, severity, and mitigation. Intel PSIRT policies, processes and guidelines are designed to support and encourage the principles and practices of Coordinated Vulnerability Disclosure (CVD).
PSIRT team members work with the security community, customers, and end users to help ensure that security vulnerabilities affecting Intel products in production are documented and solutions are released according to CVD principles. We follow and help lead this common industry practice for reported security vulnerabilities on Intel shipped and supported products, with the aim to reduce adversary advantage while a security vulnerability is being evaluated and, if appropriate and feasible, mitigated.
In addition to practicing inbound CVD, and partnering with external security researchers, we coordinate outbound vulnerability disclosure with industry partners and external stakeholders, when appropriate. The goal is that all affected parties are disclosing in unison for an optimal defensive position.