A researcher claims that Intel Boot Guard is no longer reliable since its private key is exposed...
The Unified Extensible Firmware Interface (UEFI) BIOS of Alder Lake, Intel's code name for its most recent processor line, the 12th generation Intel Core processor that debuted in late 2021, has been leaked, according to Intel.
Reports state that the Intel UEFI code, 5.97GB in size, was posted on 4chan and GitHub late last week. According to researchers, the date of 9-30-22 in the material indicates that it was exfiltrated at that time. Researchers from Hardened Vault evaluated the leaked data and said, "In addition, one issue that should be highlighted is that the key pairs required by Boot Guard during the provisioning step are also contained in the leaked material."
On the same day, researcher Mark Ermolov tweeted, "... the Intel Boot Guard on the vendor's systems can no longer be trusted."
Hardened Vault warned that the leaked code could help malicious actors reverse-engineer the firmware in search of security flaws.
While Intel confirmed the data breach in a statement, it placed blame on a third party and played down the seriousness of the situation. Intel stated that "we do not rely on obfuscation of information as a security solution," and therefore "Intel does not think this exposes, or develops, any new security vulnerabilities." Intel added that customers, partners, and the security research community can expect updates as it works to resolve the issue.
The Hardened Vault team stated that they have been unable to identify the source of the leak, but that Insyde, the vendor of the firmware solution, may have further information. "It is still hard to confirm the individual who released it," the group said. "The flaw is included in Intel's resource-sharing product Insyde. Maybe Insyde has more information than we do."