Intel has confirmed that some of its UEFI source code has been leaked, and while some security experts believe the incident could have serious implications, the chipmaker says it’s not concerned.
Last week, someone announced the leak of source code associated with the Alder Lake BIOS (Alder Lake is Intel’s codename for its 12th generation Core processors). The files total nearly 6 Gb and they were made public on GitHub and other websites.
Mark Ermolov, a security researcher who specializes in Intel products, analyzed the leaked code and reported finding a private signing key which, he claimed, meant the Intel Boot Guard feature, which is designed to protect the integrity of the boot process, could no longer be trusted.
Intel has confirmed the unauthorized disclosure of proprietary UEFI code and blamed the leak on an unnamed third party.
“Intel does not believe this exposes, or creates, any new security vulnerabilities as we do not rely on obfuscation of information as a security measure,” the tech giant told SecurityWeek.
“This code is covered under Intel Bug Bounty Program within a Project Circuit Breaker campaign, and we encourage any security researchers who may identify potential vulnerabilities to bring them to our attention through this program or our vulnerability disclosure program. We are reaching out to customers, partners and the security research community to keep them informed of this situation,” Intel added.
Hong Kong-based cybersecurity firm Hardened Vault has analyzed the leak and reported that the code was written by Insyde, a company that provides UEFI firmware and engineering services.
In the past, researchers warned that vulnerabilities affecting Insyde UEFI firmware code had impacted millions of devices, including from major vendors such as HP, Lenovo, Fujitsu, Microsoft, Intel, and Dell.
Evidence suggests that the leaked source code may have originated from China, specifically a company that manufactures Lenovo computers and tablets.
“We do not have a comprehensive review of the leaked content,” Hardened Vault said. “[An] attacker/bug hunter can hugely benefit from the leaks even if the leaked OEM implementation is only partially used in the production. Insyde’s solution can help security researchers, bug hunters (and the attackers) find the vulnerability and understand the result of reverse engineering easily, which adds up to long-term high risk to the users.”

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
