New TPM 2.0 Vulnerabilities in Windows 11 Could Put Billions of Devices at Risk

<the original article>

Billions of PCs and other devices vulnerable to newly discovered TPM 2.0 flaws (msn.com)

Billions of PCs and other devices vulnerable to newly discovered TPM 2.0 flaws

 

If you own a PC running Windows 11 with a Trusted Platform Module (TPM) 2.0 chip, you may be at risk due to two new vulnerabilities recently discovered by security researchers. While TPM 2.0 chips were designed to enhance the security of newer PCs by generating and storing cryptographic keys and other sensitive data, these new vulnerabilities could allow attackers to exploit devices and steal sensitive information.

The Impact of the TPM 2.0 Vulnerabilities

The two buffer overflow vulnerabilities, tracked as CVE-2023-1017 and CVE-2023-1018, were discovered by Francisco Falcon and Ivan Arce from Quarkslab, who have warned that they could impact billions of devices running Windows 11. Attackers could exploit these vulnerabilities to escalate privileges and steal sensitive data from vulnerable devices, completely negating the added security that TPM 2.0 chips were designed to provide in the first place.

 

To make matters worse, the CERT Coordination Center at Carnegie Mellon University has published an alert stating that an exploit leveraging these vulnerabilities would be essentially “undetectable” by the devices themselves, as well as the best antivirus software.

The Fix for the TPM 2.0 Vulnerabilities

Fortunately, the Trusted Computing Group (TCG) has released a new security bulletin (PDF) with a fix for these vulnerabilities. Vendors can fix the vulnerabilities by moving to a fixed version of the Trusted Platform Module specification, such as TMP 2.0 v1.59 Errata version 1.4 or higher, TMP 2.0 v1.38 Errata version 1.13 or higher, or TMP 2.0 v1.16 Errata version 1.6 or higher.

Protecting Your Windows 11 PC

While waiting for PC manufacturers to address these vulnerabilities, there are steps you can take to protect your PC. Lenovo has already released a security advisory warning that some of its systems running Nuvoton TPM 2.0 chips are vulnerable to CVE-2023-1017. It’s recommended that you limit physical access to your device, only use signed software from reputable vendors, and apply any firmware updates as soon as they become available. You should also make sure that Microsoft Defender is updated and enabled, and consider using one of the best Windows 11 antivirus software solutions for additional protection.

---

In conclusion, while TPM 2.0 chips were designed to provide enhanced security to newer PCs, these new vulnerabilities pose a significant risk to devices running Windows 11. By taking the necessary precautions, you can help protect your PC from these vulnerabilities and keep your sensitive data secure.

 

2023.02.16 - [About IT] - A Comprehensive Guide to Windows 11: Everything You Need to Know

A Comprehensive Guide to Windows 11: Everything You Need to Know