Recently some source code of BIOS and internal documentation for Alder Lake, the 12th generation Intel Core processors released in November 2021, has been leaked online. Intel has now confirmed the authenticity of the codes that have been leaked to open sources, and this raises serious cybersecurity concerns among experts.
According to the company, the leak was caused by third parties, but it is not specified which ones. It is still unclear if the source code was stolen during a cyberattack or if it was compromised by an insider. It is believed that the leak came from the network of one of the company's partners, most likely Lenovo.
A few days ago, the source code for Intel Alder Lake BIOS leaked on 4chan and Github, and the 5.86 GB file contained a huge amount of hundreds of engineering and technical files, documentation and tools designed to create and optimize BIOS/UEFI firmware for Intel Alder Lake and chipsets for 12th generation processors.
Among the leaked files were fragments of data on MSR (Model Specific Register, microcode interface registers) registers of last year's generation Intel processors. This is classified information that is not present in publicly available documentation on this development.
Leaked was also the Intel Boot Guard private key. This is classified confidential information that Intel makes available to vendors.
The project's Github page, where some of the information from the leak was posted, as its mirrors are currently unavailable.
Intel says its infrastructures have not been compromised as a result of the leak.