Intel is reportedly investigating a major leak of private keys used by the Intel Boot Guard feature, which aids in blocking the installation of malicious firmware.

According to Bleeping Computer, MSI suffered a security breach in March, during which around 1.5TB of data was stolen. As is typical in these situations, a ransom demand was made, which MSI refused to pay, leading to sensitive information being leaked on the web. This leak may have included private keys used by Intel Boot Guard, which could allow bad actors to create malicious, security-bypassing malware.

Now, Intel is investigating the issue. In a statement, an Intel spokesperson told Bleeping Computer that it is “aware” and “actively investigating” the security issue. According to Binarly CEO, Alex Matrosov, the MSI leak includes private keys used for hundreds of MSI products.

Intel Boot Guard protects PCs against malicious firmware by verifying that a firmware image is signed with a legitimate private signing key using an embedded public key built into the Intel hardware. If the wrong person has access to the private key, they can create malicious malware that bypasses the Boot Guard feature.

For now, this primarily impacts those using MSI hardware, but the cybersecurity experts at Binarly say there is evidence to suggest that this leak could have implications for the entire Intel PC hardware ecosystem.

We are waiting on new updates from Intel and MSI as this story develops.

Discuss on our Facebook page, HERE.

KitGuru Says: Investigations into leaks like this take time, so with that in mind, it could be a while before we get another official statement on this. 

Become a Patron!