the week did not start well this Intel, and the company had the source code for Alder Lakes, 12th generation processors leaked on the forums. At least 6GB of product data was compromised, including BIOS and UEFI optimization tools for systems.
In a statement, Intel explains that the leak does not compromise the integrity and security of processors The company is currently working to detect any security vulnerabilities that may occur. “This code is protected by our bounty program in the Project Circuit Breaker campaign, and we encourage any researchers who can spot potential security vulnerabilities to our attention through this program.”
Although the company insists that users are not at risk for trouble, security researcher Mark Ermolov found hidden MSR codes by analyzing the leaked source code, namely the Model-Specific Registry (free translation), which can configure a major security issue.
I can’t believe it: NDA-ed MSRs for the latest CPU, what a beautiful day… pic.twitter.com/bNitVJlkkL
— Mark Ermolov (@_markel__) 8 October 2022
In a conversation with Luis Antonio da Costa, MSc in Computer Science at UFRGS, the researcher explains that the source code is similar to human DNA, giving the software specific instructions on how certain hardware should behave. “With the leak, it is possible to get information about how equipment and company data are stored and security schemes, leaving the system open to attacks‘, says Costa.
So far, the exact source of the leak is unknown. The data has been published on 4Chan and Github, but has already dropped on this second platform. It was discovered there the person in charge of the task was an employee of LC Future Center, a Chinese laptop manufacturer. However, although it may not seem more likely in this case, the possibility of a ransomware attack cannot be completely ruled out.
Source: Tec Mundo
