Windows 10: Infineon TPM Security Vulnerablity - Is my TPM affected by this?

  1.    08 Mar 2018 #1

    Infineon TPM Security Vulnerablity - Is my TPM affected by this?


    Judging from the attached image of my TPM manufacturer information by going into the TPM.msc properties, is my TPM affected by the Infineon TPM chip security vulnerability?

    TPMupdate - Infineon Technologies
    ROCA: Infineon TPM and Secure Element RSA Vulnerability Guidance - NCSC Site

    If it was shown as "IFX" would that indicate that the TPM chip was made by Infineon?

    My next question, when buying another laptop, how can I ensure NOT to get one that has a TPM chip made by Infineon?

    After these security issues, I don't think I want to trust TPM Infineon chips...
    Attached Thumbnails Attached Thumbnails Capture.PNG  
      My ComputerSystem Spec

  2.    09 Mar 2018 #2

    Still no responses?
    I guess people don't take encryption too seriously...What a shame, since this is the first line of defense to protect data.
      My ComputerSystem Spec

  3.    09 Mar 2018 #3

    You have an Atmel TPM, not an Infineon. As you said, Infineon uses IFX as the ID. The tpm.msc will actually tell you if you are vulnerable.

    You have to ask the manufacturer, find the spec sheet online, or check with other owners of the laptop to see what TPM they are using. But all the new IFX chips would have this issue fixed and the major OEMs would have already updated to the latest TPM firmware by now.

    I imagine few home users would be affected since not many apps use the TPM to generate RSA keys, aside from Bitlocker and Windows Hello. Bitlocker uses 2048-bit keys, which require 140 CPU years/$20K to crack. MS doesn't specify the key length for Hello but I would guess it would be the same.
      My ComputerSystem Spec

  4.    09 Mar 2018 #4

    All I really read is that only Infineon chips are affected.
    So I guess Iím safe.

    So the TPM.msc console would have a warning on this? Which section?

    Good to know, because I was looking for a script or program that would let me know if my TPM is safe or not.

    Thanks
      My ComputerSystem Spec

  5.    09 Mar 2018 #5

    https://portal.msrc.microsoft.com/en...sory/ADV170012

    c. Option 3 - Manually check the Trusted Platform Module (TPM) Management snap-in (TPM.MSC) on each Windows 10 device
    On devices running Windows 10 that have the October 2017 security update installed, in a CMD prompt, type "TPM.MSC" to open the Trusted Platform Module (TPM) Management snap-in. Devices with affected TPM modules will display the following error message:
    "The TPM is ready for use. The TPM firmware on this PC has a known security problem. Please contact your PC manufacturer to find out if an update is available. For more information please go to https://go.microsoft.com/fwlink/?linkid=852572."
    NOTE: Microsoft recommends that consumers and Home office users leverage this step to identify affected software.
      My ComputerSystem Spec


 

Related Threads
I've recently noticed my Windows 10 PC has a very slow internet speed. At first I thought this was due to having changed to a new broadband provider, but having tested the speed on several devices I think the problem is unique to my PC. Having...
Read more: RSA Keys Generated by Infineon TPMs are Insecure
FYI... I get emails for updates for my Lenovo ThinkPad notebook. That said, I got one this morning alerting me that some Lenovo notebooks using Infineon TPM modules are generating insecure RSA keys - RSA Keys Generated by Infineon TPMs are...
Hello there, i'm new around here, I've recently encountered a BSOD out of the blue while the PC was idling. So far it only happened once, but I don't want to take any chances. The affected driver was commonly known as the ntoskrnl.exe, it...
Would Windows 10 Phone affected by the same virus with Win 10 PC? in AntiVirus, Firewalls and System Security
So I just had a thought: if Windows 10 for Phone can run continuum and be a PC, then a virus or any malicious software can infect a phone just like it would in a laptop/desktop? Another thought: what if the virus can manipulate OneDrive sync and...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 09:51.
Find Us