https://www.theverge.com/2018/2/23/17043768/intel-meltdown-spectre-no-us-goverment-warning

Intel didn’t provide US government officials with details on the Meltdown and Spectre CPU flaws until they leaked to the public last month. Reuters reports that US government officials have raised concerns that the flaws weren’t disclosed privately as they could have impacted national security. Intel didn’t report the flaws to US authorities because hackers hadn’t exploited the vulnerabilities yet. The Wall Street Journal previously reported that Intel notified a small number of customers about the flaws, including Chinese companies like Lenovo and Alibaba, before they were revealed publicly.

The approach may explain some of the confusion around Meltdown and Spectre as the flaws first came to light in a report from The Register in early January. Intel, Google Project Zero, Microsoft, and others were forced to disclose the vulnerabilities a day after The Register’s report, and initial statements from both AMD and Intel were confusing and misleading. Intel hadn’t informed the United States Computer Emergency Readiness Team (US-CERT), so there was no full warning about the security problems. Instead, CERT initially advised people to “fully remove” the flaws by replacing processors, but later revised its warning to simply patch systems.