SecurityWeek

Intel Confirms UEFI Source Code Leak as Security Experts Raise Concerns

Intel has confirmed that some of its UEFI source code has been leaked, and while some security experts believe the incident could have serious implications, the chipmaker says it’s not concerned.

Last week, someone announced leaking source code associated with the Alder Lake BIOS — Alder Lake is Intel’s codename for its 12th generation Core processors. The files total nearly 6 Gb and they were made public on GitHub and other websites.

Mark Ermolov, a security researcher who specializes in Intel products, analyzed the leaked code and reported finding a private signing key which, he claimed, meant the Intel Boot Guard feature, which is designed to protect the integrity of the boot process, could no longer be trusted.

Intel has confirmed the unauthorized disclosure of proprietary UEFI code and blamed the leak on an unnamed third party.

“Intel does not believe this exposes, or creates, any new security vulnerabilities as we do not rely on obfuscation of information as a security measure,” the tech giant told SecurityWeek.

“This code is covered under Intel Bug Bounty Program within a Project Circuit Breaker campaign, and we encourage any security researchers who may identify potential vulnerabilities to bring them to our attention through this program or our vulnerability disclosure program. We are reaching out to customers, partners and the security research community to keep them informed of this situation,” Intel added.

Hong Kong-based cybersecurity firm Hardened Vault has analyzed the leak and reported that the code was written by Insyde, a company that provides UEFI firmware and engineering services.

In the past, researchers warned that vulnerabilities affecting Insyde UEFI firmware code had impacted millions of devices, including from major vendors such as HP, Lenovo, Fujitsu, Microsoft, Intel, and Dell.

Evidence suggests that the leaked source code may have originated from China, specifically a company that manufactures Lenovo computers and tablets.

“We do not have a comprehensive review of the leaked content,” Hardened Vault said. “[An] attacker/bug hunter can hugely benefit from the leaks even if the leaked OEM implementation is only partially used in the production. Insyde’s solution can help security researchers, bug hunters (and the attackers) find the vulnerability and understand the result of reverse engineering easily, which adds up to long-term high risk to the users.”

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
