Security News > 2022 > October > Intel confirms leaked Alder Lake BIOS Source Code is authentic
Intel has confirmed that a source code leak for the UEFI BIOS of Alder Lake CPUs is authentic, raising cybersecurity concerns with researchers.
On Friday, a Twitter user named 'freak' posted links to what was said to be the source code for Intel Alder Lake's UEFI firmware, which they claim was released by 4chan.
The leaked source code also contains numerous references to Lenovo, including code for integrations with 'Lenovo String Service', 'Lenovo Secure Suite', and 'Lenovo Cloud Service.
Intel has confirmed to Tom's Hardware that the source code is authentic and is its "Proprietary UEFI code."
"Our proprietary UEFI code appears to have been leaked by a third party. We do not believe this exposes any new security vulnerabilities as we do not rely on obfuscation of information as a security measure. This code is covered under our bug bounty program within the Project Circuit Breaker campaign, and we encourage any researchers who may identify potential vulnerabilities to bring them our attention through this program. We are reaching out to both customers and the security research community to keep them informed of this situation." - Intel spokesperson.
While Intel has downplayed the security risks of the source code leak, security researchers warn that the contents could make it easier to find vulnerabilities in the code.