Intel Alder Lake-S

2022: Processor sources leaked to the Internet

On October 8, 2022, it became known that an archive containing the source code of a number of files and tools designed to create BIOS/UEFI for the Intel Alder Lake-S hardware platform (desktop PCs) had leaked to the Internet. For Intel, this can be a very serious problem.

In packed form, the sources have a volume of approximately 2.8 GB, in unpacked form - about 6 GB. The archive appeared on the 4chan and Github sites. The bulk of the leaked information concerns BIOS/UEFI, as well as system logic sets for the Alder Lake-S platform. Intel has already confirmed the authenticity of the source code.

Intel Alder Lake-S

{{quote 'Apparently, our proprietary UEFI code ended up with third parties. We do not believe that this reveals any new security vulnerabilities. […] We appeal to customers and security professionals, informing them about this situation, the corporation said. }} There is currently no information about the source of the leak. However, some files mention the Lenovo Feature Tag Test. Observers believe that OEMs and motherboard suppliers for Intel Alder Lake-S desktop processors have a similar code.

According to preliminary data, the archive does not contain critical classified information that could be used to create new dangerous exploits. In particular, the sources do not affect Trusted Platform Module technology. Intel notes that the "leaked" code is covered by the Project Circuit Breaker campaign bug detection reward program. Intel encourages researchers who can identify potential vulnerabilities to report this to the corporation. However, so far the presence of any bugs in the published source code has not been reported.^[1]

Notes