Earlier this month, an anonymous person posted the suspected Intel 12th generation Core Alder Lake BIOS source code to 4chan and Github, of which 5.97GB The file contains the image used to build and optimize the BIOS / UEFI tools and code. Now, Intel has issued a statement to the media Tom's Hardware confirming that the leaked code is true :
Our proprietary UEFI code appears to have been leaked by a third party. But we don't think this will expose any new security holes, as we don't rely on obfuscation as a security measure. This code has previously been covered by our Project Circuit Breaker bug bounty program, and any researcher who might identify a potential vulnerability is encouraged to participate. We are reaching out to customers and the security research community to let them know about this situation.
The computer's BIOS/UEFI is used to initialize the hardware before loading the operating system. Although Intel officially said that there are no new vulnerabilities, now that the BIOS/UEFI code has been publicized and officially recognized by Intel, some criminals and security researchers will still try to find potential backdoors and security vulnerabilities, so we still need to maintain an alert.
Previously, security researcher Mark Ermolov discovered by analyzing the code that the secret MSR (Model Special Register), which is usually reserved for privileged code, so there may be security issues and the private signing key used for Intel Boot Guard, which may lead to the function invalid. In addition, BootGuard and TXT (Trusted Execution Technology) also have signs of ACM (Authenticated Code Modules), indicating potential future problems.
I can't believe: NDA-ed MSRs, for the newest CPU, what a good day... pic.twitter.com/bNitVJlkkL
— Mark Ermolov (@_markel___) October 8, 2022
Intel has yet to confirm who leaked the code, where, and how. The GitHub repository of the leaked code has now been removed, and there are no signs of extortion. A recent series of hacking incidents include RansomHouse obtaining about 450GB of AMD data and extorting it, and AMD, Intel, AMI, and NVIDIA partner Gigabyte also took place in the infamous "Gigabyte Hack", which was obtained by RansomExx About 112 GB of sensitive data.
In addition, Nvidia was also recently attacked by the hacker group LAPSU$, resulting in the theft of more than 1TB of its data, including some documents and source code for future technologies, but the giant fought back with its own hard power, making the stolen data become useless.
0 Comments