Updated on 2022-10-10: Intel Acknowledges Alder Lake BIOS Leak
In a statement to Tom’s Hardware, Intel acknowledged a data leak that exposed Unified Extensible Firmware Interface (UEFI) code source code for its Alder Lake CPUs. Intel does not believe the leaked information exposes any new vulnerabilities, but does encourage researchers to report any issues they do detect to its bug bounty program, Project Circuit Breaker.
Note
- The repository with the source code has been taken down. Alder Lake CPUs, first released in late 2021, are in Laptop/desktop systems not servers. While researcher claims to have discovered undocumented registers, aka MSRs, used in the Alder Lake CPU for debugging or enabling/disabling specific chip features, as Intel claims they are not obscuring security information; that information should be available through other legitimate channels if you really need it.
Read more in
- Intel Confirms Leak of Alder Lake BIOS Source Code
- Intel Alder Lake BIOS code leak may contain vital secrets
Overview: Intel code leaks online
An unknown individual leaked the source code for Intel’s Alder Lake BIOS/UEFI firmware earlier this week in a 4chan post. Intel confirmed the leak on Sunday and said that they “do not rely on obfuscation of information as a security measure.” More details are available here, and a script also exists to check if your system is using the leaked BIOS/UEFI firmware. Read more:
