Intel ya tabbatar da sahihancin firmware na UEFI da lambobin tushen BIOS wanda wani wanda ba a san shi ya buga akan GitHub ba. An buga jimlar 5.8 GB na lamba, kayan aiki, takaddun bayanai, ɓangarorin da saitunan da suka danganci haɓakar firmware don tsarin tare da masu sarrafawa dangane da microarchitecture na Alder Lake, wanda aka saki a watan Nuwamba 2021. Canji na baya-bayan nan zuwa lambar da aka buga ta kasance kwanan wata Satumba 30, 2022.
A cewar Intel, ledar ta afku ne saboda laifin wani bangare na uku, ba wai ta hanyar yin sulhu da ababen more rayuwa na kamfanin ba. An kuma ambaci cewa lambar da aka leka ta ƙunshi shirin Project Circuit Breaker, wanda ke ba da lada daga $ 500 zuwa $ 100000 don gano matsalolin tsaro a cikin firmware da samfuran Intel (yana nufin masu bincike za su iya samun lada don bayar da rahoton raunin da aka gano ta amfani da abubuwan da ke ciki. leka).
Ba a ƙayyade wanda ya zama ainihin tushen ɗigo ba (Masu kera kayan aikin OEM da kamfanoni masu haɓaka firmware na al'ada sun sami damar yin amfani da kayan aikin haɗa firmware). Binciken abubuwan da ke cikin rumbun adana bayanan da aka buga ya nuna wasu gwaje-gwaje da ayyuka na musamman ga samfuran Lenovo ("Lenovo Feature Tag Information Information', "Lenovo String Service", "Lenovo Secure Suite", "Lenovo Cloud Service"), amma sa hannun Lenovo a ciki. har yanzu ba a tabbatar da zubewar ba. Rumbun ya kuma bayyana kayan aiki da dakunan karatu na kamfanin Insyde Software, wanda ke samar da firmware don OEMs, kuma git log ya ƙunshi imel daga ɗaya daga cikin ma'aikatan kamfanin LC Future Center, wanda ke kera kwamfutar tafi-da-gidanka don OEMs daban-daban. Duk kamfanoni suna aiki tare da Lenovo.
A cewar Intel, lambar da ake samu a bainar jama'a ba ta ƙunshi bayanan sirri ko duk wani abin da zai iya ba da gudummawa ga bayyana sabbin lahani. A lokaci guda, Mark Ermolov, wanda ya ƙware a cikin binciken tsaro na dandamali na Intel, an gano shi a cikin bayanan tarihin da aka buga game da rajistar MSR mara izini (Model Specific Registers, wanda aka yi amfani da shi, a tsakanin sauran abubuwa, don sarrafa microcode, ganowa da lalata), bayanai game da su. wanda ke ƙarƙashin yarjejeniyar rashin bayyanawa. Bugu da ƙari, an sami maɓalli mai zaman kansa a cikin ma'ajiyar, ana amfani da shi don sanya hannu a dijital ta firmware, wanda za a iya amfani da shi don ketare kariyar Intel Boot Guard (ba a tabbatar da ayyukan maɓallin ba; yana yiwuwa wannan maɓallin gwaji ne).
source: budenet.ru