Source code for Intel Alder Lake BIOS leaks online

The BIOS source code for Intel’s 12th gen Alder Lake processors has been leaked online, Tom’s Hardware reports.

The publication discovered a 6GB file containing tools and code for building and optimising BIOS/UEFI images for the platform on 4chan and Github.

It subsequently confirmed with Intel that a third party had leaked the code.

Among the core functions of a BIOS/UEFI is establishing connections to security subsystems like the Trusted Platform Module.

Tom’s Hardware said the code would “undoubtedly” be scrutinised by nefarious actors for potential backdoors and vulnerabilities.

But Intel said it does not believe the leak exposes any new security vulnerabilities as it does not rely on “obfuscation of information” as a security measure.

The code is included in Intel’s Project Circuit Breaker bug bounty programme, so researchers have been able to identify potential vulnerabilities in it for some time.

Nonetheless, Intel said it would reach out to customers and the security research community to keep them informed of the development.

The company has not confirmed who is responsible for the leak or how the data was taken.

Intel provides code to motherboard vendors and original equipment manufacturers (OEMs) to build firmware for Intel’s platforms.

Tom’s Hardware reported that the code leaked on GitHub seems to have been created by an employee at LC Future Centre, a China-based company that makes laptops for several OEMs, including Lenovo.

It also found references to Lenovo in the leaked documents and files labelled “Insyde”, a company that provides BIOS/UEFI firmware to OEMs that include Lenovo.


Now read: Server with financial data “stolen” after R150 million looting controversy

Latest news

Partner Content

Show comments

Recommended

Share this article
Source code for Intel Alder Lake BIOS leaks online