Intel Confirms Alder Lake Chip UEFI Code Leak

Intel has confirmed the authenticity of the UEFI firmware and BIOS source code published by an unknown person on GitHub. In total, 5.8 GB of code, utilities, documentation, blobs and settings used to build firmware for systems with processors based on the Alder Lake microarchitecture, released in November 2021, were published. The most recent change in the published code is dated September 30, 2022.

According to Intel, the leak occurred through the fault of a third party, and not as a result of a compromise of the company's infrastructure. Intel also mentions that the leaked code is covered by the Project Circuit Breaker program, which pays rewards ranging from $500 to $100,000 for identifying security problems in Intel firmware and products (the understanding is that researchers can receive rewards for reporting vulnerabilities discovered by using the contents of the leak).

It is not specified who exactly was the source of the leak (OEM equipment manufacturers and companies developing custom firmware had access to the firmware build tools). Analysis of the published archive identified some tests and services specific to Lenovo products ("Lenovo Feature Tag Test Information", "Lenovo String Service", "Lenovo Secure Suite", "Lenovo Cloud Service"), but Lenovo's involvement in the leak has not yet been confirmed. The archive also contained utilities and libraries from Insyde Software, which develops firmware for OEMs, and the git log contains an email address of an employee of LC Future Center, which produces laptops for various OEMs. Both companies partner with Lenovo.

According to Intel, the leaked code does not contain confidential data or any components that could contribute to the disclosure of new vulnerabilities. At the same time, Mark Ermolov, who specializes in researching the security of Intel platforms, found in the published archive information about undocumented MSRs (Model Specific Registers, used, among other things, for managing microcode, tracing and debugging), details of which are subject to a non-disclosure agreement. Moreover, the archive contained a private key used to digitally sign firmware, which could potentially be used to bypass Intel Boot Guard protection (it has not been confirmed that the key works; it may be a test key).

Source: opennet.ru
