The Alder Lake BIOS source code leak proven real, says Intel

October 12, 2022

The UEFI BIOS source code for Alder Lake, Intel’s 12th generation of Intel Core processors, was recently reported to have leaked online. After several investigations, security analysts have confirmed the incident to be authentic, which raises concerns for many cybersecurity experts.

The issue began when a Twitter user under the handle ‘freak’ posted links that they said pointed to Intel Alder Lake’s BIOS source code, allegedly released by 4chan. The link opens a GitHub repository named ‘ICE_TEA_BIOS.’ This repository was created by a user ‘LCFCASD’ and contained the alleged ‘BIOS Code from project C970.’

Further research revealed that the leak comprised 5.97 GB of files, including source code, change logs, private keys, and compilation tools. The latest timestamp on these files was September 30, 2022. The leaked source code, developed by Insyde Software Corp, a UEFI system firmware development firm, also carries several Lenovo references, such as code for integration with the ‘Lenovo Secure Suite,’ ‘Lenovo Cloud Service,’ and ‘Lenovo String Service.’

The cause of the Alder Lake BIOS source code leak remains unclear.

Although the cause of the leak is not yet known, researchers say that it is authentic and contains Intel’s real proprietary UEFI code. So far, the tech firm appears to have held back from commenting on the Alder Lake leak. Many security researchers are therefore highly concerned and warn that the leaked content could help threat actors find security vulnerabilities to exploit.

According to a separate analyst, the leak could help security researchers and bug hunters find vulnerabilities in the UEFI BIOS code so that appropriate patches can be developed and released. However, if threat actors discover these security flaws first, they could immediately abuse them to victimise users of Intel Core processors.

Analysts are also concerned that the leaked source code contained a KeyManifest private encryption key, a private key used to secure Intel’s Boot Guard platform. If it is confirmed that the leaked private key is used in production, threat actors could use it to modify the boot policy in Intel firmware and bypass hardware security protocols.

None of the entities involved has commented further as of now.
