Intel confirmed last Sunday (9) that the Alder Lake processor source code leaked on GitHub is real. The leak, which reveals Intel's UEFI code, has cybersecurity experts worried about possible attacks on vulnerabilities in it. UEFI is the computer's boot firmware, the successor to BIOS technology, and access to its code can pose risks to users.
Leak happened last Friday
Intel's confirmation came two days after the source code leak. On Friday (7), a Twitter user released a link to a page on GitHub, a software collaboration platform, with the supposed UEFI code of Intel Alder Lake processors, the 12th generation of the Intel Core line, launched in November 2021. The company guarantees that the leak does not pose risks to users.
The GitHub link led to a code repository called “ICE_TEA_BIOS”. The description of its contents indicated that it held the “BIOS code of project C970”.
In total, 5.97 GB of data, including private keys, compilers, and a change log, were part of the repository, which has already been removed from GitHub. Some of the leaked code belongs to Lenovo programs, such as Lenovo String Service, Lenovo Secure Suite, and Lenovo Cloud Service integration lines.
User safety risks
For cybersecurity researchers, the leak of Intel's UEFI source code increases the chances of hackers finding vulnerabilities in the code, which poses risks to users of Intel hardware, contrary to the Santa Clara company's statement.
Mark Ermolov, a hardware researcher at Positive Technologies, pointed out that private encryption keys used in the Boot Guard platform were in the leaked repository. During his analysis, Ermolov also found other code used to ensure UEFI security at boot.
Even if these keys are not used in production, hackers can analyze the leaked code to develop attacks that circumvent Intel-developed hardware security.
“Joker” employee may be responsible for the leak
The GitHub repository, allegedly posted on the 4chan forum, was created by a user named “LCFCASD”, raising suspicions that the creator is an employee of LC Future Center, Lenovo's device assembly company. As already mentioned, Lenovo program code was present in the repository.
So far, the Chinese manufacturer has not commented on the case, and Intel has not disclosed its suspicions either.
With information from Bleeping Computer and Tom's Hardware