DevSecOps

Intel confirms Alder Lake BIOS source code leak

Intel has confirmed the leak of the UEFI BIOS source code of its 12th generation Core processors dubbed 'Alder Lake', which was initially reported by information security collective VX Underground to have been spread through GitHub and 4chan, reports The Register. While some security experts noted that the source code's exposure may introduce potentially exploitable firmware flaws, Intel has downplayed the likelihood of such an incident as it does not leverage information obfuscation as a security measure. "This code is covered under our bug bounty program within the Project Circuit Breaker campaign, and we encourage any researchers who may identify potential vulnerabilities to bring them to our attention through this program. We are reaching out to both customers and the security research community to keep them informed of this situation," said Intel. However, Mark Ermolov of Positive Technologies has emphasized the seriousness of the leak, which was claimed to have also exposed the private signing key for Intel's Boot Guard technology. "A very bad thing happened: now, the Intel Boot Guard on the vendor's platforms can no longer be trusted," said Ermolov.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.