{"id":463815,"date":"2022-10-10T15:26:18","date_gmt":"2022-10-10T13:26:18","guid":{"rendered":"https:\/\/mybroadband.co.za\/news\/?p=463815"},"modified":"2022-10-10T15:28:09","modified_gmt":"2022-10-10T13:28:09","slug":"source-code-for-intel-alder-lake-bios-leaks-online","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/hardware\/463815-source-code-for-intel-alder-lake-bios-leaks-online.html","title":{"rendered":"Source code for Intel Alder Lake BIOS leaks online"},"content":{"rendered":"<p>The BIOS source code for Intel&#8217;s 12th gen Alder Lake processors has been leaked online, <a href=\"https:\/\/www.tomshardware.com\/news\/intel-confirms-6gb-alder-lake-bios-source-code-leak-new-details-emerge\" target=\"_blank\" rel=\"noopener\"><strong>Tom&#8217;s Hardware reports<\/strong><\/a>.<\/p>\n<p>The publication discovered a 6GB file containing tools and code for building and optimising BIOS\/UEFI images for the platform on 4chan and Github.<\/p>\n<p>It subsequently confirmed with Intel that a third party had leaked the code.<\/p>\n<p>Among the core functions of a BIOS\/UEFI is establishing connections to security subsystems like the Trusted Platform Module.<\/p>\n<p>Tom&#8217;s Hardware said the code would &#8220;undoubtedly&#8221; be scrutinised by nefarious actors for potential backdoors and vulnerabilities.<\/p>\n<p>But Intel said it does not believe the leak exposes any new security vulnerabilities as it does not rely on &#8220;obfuscation of information&#8221; as a security measure.<\/p>\n<p>The code is included in Intel&#8217;s Project Circuit Breaker bug bounty programme, so researchers have been able to identify potential vulnerabilities in it for some time.<\/p>\n<p>Nonetheless, Intel said it would reach out to customers and the security research community to keep them informed of the development.<\/p>\n<p>The company has not confirmed who is responsible for the leak or how the data was taken.<\/p>\n<p>Intel provides code to motherboard vendors and original equipment manufacturers (OEMs) to build firmware for Intel&#8217;s platforms.<\/p>\n<p>Tom&#8217;s Hardware reported that the code leaked on GitHub seems to have been created by an employee at LC Future Centre, a China-based company that makes laptops for several OEMs, including Lenovo.<\/p>\n<p>It also found references to Lenovo in the leaked documents and files labelled &#8220;Insyde&#8221;, a company that provides BIOS\/UEFI firmware to OEMs that include Lenovo.<\/p>\n<hr \/>\n<h2 class=\"my-4\">Now read: <a href=\"https:\/\/mybroadband.co.za\/news\/security\/463723-server-with-financial-data-stolen-after-r150-million-looting-controversy.html\" rel=\"bookmark\">Server with financial data &#8220;stolen&#8221; after R150 million looting controversy<\/a><\/h2>\n","protected":false},"excerpt":{"rendered":"<p>Tom&#8217;s Hardware said the code would &#8220;undoubtedly&#8221; be scrutinised by nefarious actors and security researchers for potential backdoors and vulnerabilities.<\/p>\n","protected":false},"author":23,"featured_media":452956,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[15,27],"tags":[77990,11253,131,73836,75498,77988],"class_list":["post-463815","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hardware","category-security","tag-basic-input-output-system-bios","tag-github","tag-intel","tag-intel-12th-gen","tag-intel-alder-lake","tag-unified-extensible-firmware-interface-uefi"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/463815"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/23"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=463815"}],"version-history":[{"count":2,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/463815\/revisions"}],"predecessor-version":[{"id":463905,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/463815\/revisions\/463905"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/452956"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=463815"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=463815"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=463815"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}