Security News > 2023 > May > FYI: Intel BootGuard OEM private keys leak from MSI cyber heist

Intel is investigating reports that BootGuard private keys, used to protect PCs from hidden malware, were leaked when data belonging to Micro-Star International was stolen and dumped online.

It's understood the private keys were generated by MSI to use with Intel's BootGuard technology, and were among internal source code and other materials taken from the computer parts maker's IT systems last month - at least some of which has since been shared on the internet.

PCs with Intel chips and BootGuard protection enabled and configured will, typically and generally speaking, only run firmware if it is digitally signed using keys like those leaked from MSI. That firmware starts the OS - a process described by Intel here [PDF] and required to satisfy Windows Secure Boot requirements.

Intel BootGuard OEM keys are generated by the system manufacturer, and these are not Intel signing keys.

"There have been researcher claims that private signing keys are included in the data including MSI OEM Signing Keys for Intel BootGuard. It should be noted that Intel BootGuard OEM keys are generated by the system manufacturer, and these are not Intel signing keys."

It's understood at least some of that information - such as the MSI firmware source code and private BootGuard keys - has escaped into the wild from the extortionists' leak site.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/05/09/intel_oem_private_keys_leaked/