Intel Confirms Alder Lake BIOS Source Code Leak

The source code for the UEFI BIOS of Alder Lake CPUs recently appeared on the web as the result of a leak, and Intel has confirmed it.

In response to this leak, researchers have expressed serious concerns about cybersecurity. The source code was leaked on the following platforms, and the leaked file is about 6GB in size:

  • 4chan
  • GitHub

This 6GB file contains multiple tools that can be used to develop and optimize BIOS/UEFI images, as well as code for working with them.

Alder Lake is Intel’s 12th-generation Intel Core processor series, which Intel released back in Nov. 2021.

The Leak

For now, it is unknown where the data came from, but there is a reference to “Lenovo Feature Tag Test Information” in one of the leaked documents.

This reference supports the hypothesis that the leak has some link with the company. The leaked file contains the following key items:

  • Source code
  • Private keys
  • Change logs
  • Compilation tools

Some of the files and tools that are included in the leaked package seem to come from a company named Insyde Software, a firmware vendor.

“The leak included a KeyManifest private encryption key, a private key used to secure Intel’s Boot Guard platform,” hardware researcher Mark Ermolov warned.

Here’s what Intel stated:

“We do not rely on obfuscation of information as a security measure, so we are not exposed to any new security vulnerabilities as a result of the leak.”

Moreover, Intel has confirmed that this code is covered by its bug bounty program, “Project Circuit Breaker.”

As part of this initiative, Intel is urging any researchers with information about potential vulnerabilities to notify Intel via this program so that they can address them.

It is not yet understood exactly how the hack occurred or where it originated, since the available details are inadequate.

Although the GitHub repository was removed, replicas of it can still be accessed.

The repository appears to have been created by a member of a Chinese manufacturer of computers and laptops, LC Future Center, but this is not yet confirmed.

It is not yet clear whether the leaked private key is used in production. If it is, hackers may be able to exploit this to bypass the hardware security and change the boot policy within the Intel firmware.

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.