
Chipmaker Intel has confirmed that proprietary source code related to its Alder Lake CPUs has been leaked, following its release by an unknown third-party on 4chan and GitHub.
The published content contains Unified Extensible Firmware Interface (UEFI) code for Alder Lake, Intel’s 12th generation Intel Core processors released in 2021. Intel said the leak doesn't expose “any new security vulnerabilities as we do not rely on obfuscation of information as a security measure.”
Besides the UEFI code, the leaked data dump includes 5.97 GB of files, source code, private keys, change logs, and compilation tools, with the latest timestamp when a hacker or insider copied the data. While it is not clear if the leaked private key is used in production, if it is, hackers could potentially use it to modify the boot policy in Intel firmware and bypass hardware security.
Intel spokesperson said, “Our proprietary UEFI code appears to have been leaked by a third party. We do not believe this exposes any new security vulnerabilities as we do not rely on obfuscation of information as a security measure. This code is covered under our bug bounty program within the Project Circuit Breaker campaign, and we encourage any researchers who may identify potential vulnerabilities to bring them our attention through this program. We are reaching out to both customers and the security research community to keep them informed of this situation.”
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.