Infineon Technologies Trusted Platform Modules (TPMs), Security Feature Bypass Vulnerability



Document ID: 4015874

 

Posted Date: 2017-10-16

 

Last Updated: 2017-10-16

 

Distribution: View Public Website

 

Issue

 

Infineon® Technologies Trusted Platform Modules (TPMs), Security Feature Bypass Vulnerability

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Potential Security Impact: A security vulnerability exists in certain Trusted Platform Module (TPM) firmware. The vulnerability weakens key strength. It is important to note that this is a firmware vulnerability, and not a vulnerability in the operating system or a specific application. Toshiba is working closely with Infineon® to validate their fix and ensure it works across Toshiba’s range of products. Until firmware updates are available, it is recommended that people and companies using Toshiba PCs and devices that incorporate TPMs to take steps to maintain the security of their systems and information.

Source: Infineon® & Microsoft® Security TechCenter

 

For general guidance on this issue, please see this announcement from Infineon® & Microsoft® 

       Infineon® Technologies - https://www.infineon.com/cms/en/product/promopages/tpm-update/?redirId=59160

       Microsoft® Security TechCenter - https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV170012

 

Resolution

 

Recommended Actions:

Step 1: Apply All Microsoft® Windows Operating Systems Security Updates. 

Step 2: Determine devices in your organization that are affected - Use event log entries.

NOTE: After the applicable Windows update is applied, the system will generate Event ID 1794 in the Event Viewer after each reboot under Windows Logs - System when vulnerable firmware is identified. On devices running Windows 10 that have the October 2017 security update installed, in a CMD prompt, type "TPM.MSC" to open the Trusted Platform Module (TPM) Management snap-in. Devices with affected TPM modules will display the following error message: (Shown Below)

  • "The TPM is ready for use. The TPM firmware on this PC has a known security problem. Please contact your PC manufacturer to find out if an update is available. For more information please go to https://go.microsoft.com/fwlink/?linkid=852572."
  • If you determine that you do not have an Infineon® TPM capable system then no further action is required.
  • If your PC is affected, go to Step 3 below to locate your PC model and firmware availability.

Step 3: Download and run the firmware update tool provided by Toshiba

 

IMPORTANT NOTERefer to Microsoft® Security TechCenter document before clearing & resetting TPM keys:( https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV170012 )

 

For help finding your model number CLICK HERE

 

Toshiba’s TPM Firmware Release Schedule:

Infineon Chipset Version: SLB 9660 TPM 1.2
Model Name Model
Number
Affected
Firmware
FW Version
to Fix Issue
Target Available Date Link to Firmware
PORTEGE WT20-B PT15C FW 4.40 FW 4.43 Available

Download 

Installation Instructions

PORTEGE Z20t-B PT15A
PT15B
PORTEGE Z30-B PT251
PT253
PT254
PORTEGE Z30-C PT261
PT263
Satellite Pro A50-C PS56A
PS56C
PS56J
Satellite Pro R50-B PSSG2
PSSG3
PSSG7
Satellite Pro R50-C PS562
PS566
TECRA A50-C PS569
PS56D
PS56H
PS56M
PS57B
TECRA C50-B PSSG3
PSSG6
PSSG7
TECRA C50-C PS561
PS563
PS565
TECRA Z40-B PT454
PT459
PT45F
PT45G
TECRA Z40-C PT463

 

 

Infineon Chipset Version: SLB 9665 TPM 2.0 (Based on BIOS Versions)
Model Name Model Affected Firmware FW Version
to Fix Issue
Required BIOS
Version v2.60
TPM FW Update
Version 1.0.0.1
PORTEGE X30-D PT272 FW 5.61 FW 5.62 BIOS-Download

TPMFW-Download

Installation Insturctions

PT274
TECRA X40-D PT472
PT474

 

Model Name Model Affected Firmware FW Version
to Fix Issue
Required BIOS
Version v3.00
TPM FW Update
Version 1.0.0.1
PORTEGE X20W-D PRT12 FW 5.51 FW 5.62 BIOS-Download

TPMFW-Download

Installation Instructions

PRT12
PRT13

 

Model Name Model Affected Firmware FW Version
to Fix Issue
Required BIOS
Version v4.10
TPM FW Update
Version 1.0.0.1
PORTEGE R30-D PT381 FW 5.61 FW 5.62 BIOS-Download

TPMFW-Download

Installation Instructions

PT382
PT383
PT385
Satellite Pro A50-D PS585
Satellite Pro R50-D PS581
PS582
PS586
TECRA A40-D PS481
PS482
PS483
PS485
PS486
TECRA A50-D PS589
PS58A
PS58B
PT583
TECRA Z50-D PT581

 

Model Name Model Affected Firmware FW Version
to Fix Issue
Required BIOS
Version v6.00
TPM FW Update
Version 1.0.0.1
PORTEGE Z20t-C PT16A FW 5.50 FW 5.62 BIOS-Download

TPMFW-Download

Installation Instructions

PT16B
PORTEGE WT20-C PT16C FW 5.51
PORTEGE Z20t-C PT16A
PT16B

 

Model Name Model Affected Firmware FW Version
to Fix Issue
Required BIOS
Version v6.40
TPM FW Update
Version 1.0.0.1
PORTEGE Z30-C PT261 FW 5.50 FW 5.62 BIOS-Download

TPMFW-Download

Installation Instructions

PT263
PT265
TECRA Z40-C PT461
PT463
PT465
PORTEGE Z30-C PT261 FW 5.51
PT263
PT265
TECRA Z40-C PT461
PT463
PT465

 

Model Name Model Affected Firmware FW Version
to Fix Issue
Required BIOS
Version v8.10
TPM FW Update
Version 1.0.0.1
PORTEGE R30-C PT361 FW 5.50 FW 5.62 BIOS-Download

TPMFW-Download

Installation Instructions

PT363
PT365
Satellite Pro A40-C PS461
PS462
TECRA A40-C PS463
PS465
PORTEGE R30-C PT361 FW 5.51
PT363
PT365
Satellite Pro A40-C PS461
PS462
Satellite Pro A50-C PS575
PS57D
PS57E
Satellite Pro R50-C PS571
PS572
PS573
PS576
TECRA A40-C PS463
PS465
TECRA A50-C PS579
PS57B
PS57H
PT571
PT573
PT577

 

Infineon Chipset Version: SLB 9665 TPM 2.0
Model Name Model
Number
Affected
Firmware
FW Version
to Fix Issue
Target Available Date Link to Firmware
Toshiba dynaEdge POC11 FW 5.61 FW 5.62 November 29th  

 

Infineon Chipset Version: SLB 9655 TPM 1.2
Model Name Model
Number
Affected
Firmware
FW Version
to Fix Issue
Target Available Date Link to Firmware
PORTEGE R30-A PT341 FW 4.32 FW 4.34 Febuary 2018  
PT343
PT344
PORTEGE Z10t-A PT141
PT142
PORTEGE Z30-A PT241
PT243
PORTEGE Z30t-A PT24A
PT24C
Satellite Pro A50-A PT64N
Satellite Pro R50-B PSSG0
PSSG1
PSSG4
PSSG5
TECRA A50-A PT641
PT644
PT645
PT648
PT64Q
TECRA C50-B PSSG1
PSSG4
PSSG5
TECRA W50-A PT640
TECRA Z40-A PT444
PT449
PT44F
PT44G
TECRA Z50-A PT540
PT544
PT545
WT310 PT143
PT144

 

* The information in this document is subject to change without notice.
* "Infineon" is a trademark of Infineon Technologies in the U.S. and other countries.
* "Microsoft" is a trademark of Intel Microsoft, Inc. in the U.S. and other countries.
* Other names and brands may be claimed as the property of others.

Export Control and EULA
Use of any software made available for download from this system constitutes your acceptance of the Export Control Terms and the terms in the Toshiba end-user license agreement both of which you can view before downloading any such software.