Intel Affirms Alder Lake UEFI/BIOS Source Code Leak

Intel Alder Lake source code for BIOS/UEFI building and optimization has been leaked in a massive 6 GB leak that appeared on 4chan and GitHub. While this number may seem small, it is a colossal codebase, given that the regular code files take up small space. We assume that the documentation is bundled there as well, however, we can not check ourself as the repository has been taken down. Tom’s Hardware has contacted an Intel representative to talk about the code leak and the rep issued a statement for the webiste.

Intel SpokespersonOur proprietary UEFI code appears to have been leaked by a third party. We do not believe this exposes any new security vulnerabilities as we do not rely on obfuscation of information as a security measure. This code is covered under our bug bounty program within the Project Circuit Breaker campaign, and we encourage any researchers who may identify potential vulnerabilities to bring them our attention through this program. We are reaching out to both customers and the security research community to keep them informed of this situation.

While we don’t know exactly who made the source code public, assumptions led to Chinese vendors creating software for Lenovo. There are no direct accusations, and Intel hasn’t stated who is to blame, so we have to wait for further information.