Researchers’ fears about cybersecurity have been increased by Intel’s confirmation that the source code leak for the UEFI BIOS of Alder Lake CPUs is genuine. The 12th generation of Intel Core processors, dubbed Alder Lake, will debut in November 2021. On Friday, a Twitter account going by the handle “freak” shared links to what they claimed to be the UEFI firmware source code for Intel Alder Lake, which they claim was made available by 4chan.
The hyperlink directed users to the “ICE TEA BIOS” GitHub project, which was posted by user “LCFCASD.” The “BIOS Code from project C970” was said to be present in this repository.
The 5.97 GB of files, source code, secret keys, change logs, and compilation tools in the breach have the most recent timestamp of 9/30/22, which indicates that a hacker or insider downloaded the data at that time.
Numerous references to Lenovo may also be found in the leaked source code, including code for “Lenovo String Service,” “Lenovo Secure Suite,” and “Lenovo Cloud Service” integrations.
Whether the source code was taken during a hack or disclosed by an insider is now unknown. Tom’s Hardware, however, has received confirmation from Intel that the source code is real and is its “exclusive UEFI code.”
Security experts caution that while Intel has minimised the security dangers of the source code leak, its contents may make it simpler to identify flaws in the code.
Mark Ermolov of Positive Technologies said that a private encryption key called KeyManifest, which is used to protect Intel’s Boot Guard platform, was also exposed in the breach.
Also Read:
