上周，有匿名者将疑似英特尔 12 代酷睿 Alder Lake BIOS 源代码发布到了 4chan 和 Github 上，其中 5.97GB 文件包含用于构建和优化 BIOS / UEFI 镜像的单机爱游戏ayx和代码。

现在，英特尔现已向外媒 Tom's Hardware 发布声明，确认该泄露代码为真。

我们的专有 UEFI 代码似乎已被第三方泄露，但我们不认为这会暴露出任何新的安全漏洞，因为我们不依赖信息混淆作为安全措施。此前，我们的 Project Circuit Breaker 漏洞奖励计划已涵盖了此代码，并鼓励任何可能识别潜在漏洞的研究人员参与这项计划，我们正在联系客户和安全研究社区，让他们了解这种情况。

Last week, it became known about the leakage of confidential Intel materials, including documentation and source code for UEFI for the LGA1700 platform and 12th generation Core chips. Intel’s reaction was not long in coming. The processor giant confirmed the authenticity of the published materials, but at the same time assured that the leak would not become a source of vulnerabilities.

“Apparently, our proprietary UEFI code was posted by a third party. We do not believe this exposes any new vulnerabilities as we do not rely on information obfuscation as a security measure. This code is covered by our Project Circuit Breaker bug bounty program, and we encourage all researchers who can identify potential vulnerabilities to bring them to our attention through this program,” says an Intel spokesperson.
It is worth adding that Intel does not disclose the source of the leak, however, references to Lenovo can be found in some published documents.
Source:TechPowerUp
stay updated with Aroged.com