{"id":7519,"date":"2018-10-28T00:09:00","date_gmt":"2018-10-27T22:09:00","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=7519"},"modified":"2020-12-13T07:37:53","modified_gmt":"2020-12-13T06:37:53","slug":"surface-pro-3-vulnerability-in-tpm-chip-update-required","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2018\/10\/28\/surface-pro-3-vulnerability-in-tpm-chip-update-required\/","title":{"rendered":"Surface Pro 3: Vulnerability in TPM chip&ndash;update required!"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" src=\"https:\/\/web.archive.org\/web\/20180729113450\/https:\/\/v47.imgup.net\/Surface218b.jpg\" width=\"71\" align=\"left\" height=\"52\">[<a href=\"https:\/\/www.borncity.com\/blog\/2018\/10\/27\/surface-pro-3-schwachstelle-im-tpm-chip-updaten\/\" target=\"_blank\" rel=\"noopener noreferrer\">German<\/a>]Microsoft have been used TPM chips from Infineon in Surface Pro 3. These chips probably contain vulnerabilities in some versions. Affected owners of a Surface Pro 3 should therefore install an TPM update.&nbsp; <\/p>\n<p><!--more--><\/p>\n<p>I recently wrote something about attacks on Trusted Platform Mobile (TPM) chips in the article <a href=\"https:\/\/borncity.com\/win\/2018\/08\/30\/sicherheit-angriff-auf-tpm-und-intel-me-dump\/\">Security: TPM vulnerable; and dump mode for Intel ME<\/a>. And almost exactly one year ago Microsoft addressed in ADV170012 a vulnerability (CVE-2017-15361) in TPM in an advisory (see my blog post <a href=\"https:\/\/borncity.com\/win\/2018\/01\/29\/microsoft-surface-tpm-updates-coil-whine-and-lte-image\/\">Microsoft Surface: TPM updates, coil whine and LTE image<\/a>). <\/p>\n<p>At German site Dr. Windows I <a href=\"https:\/\/www.drwindows.de\/news\/schwachstelle-im-tpm-chip-des-surface-pro-3-manuelles-update-noetig\" target=\"_blank\" rel=\"noopener noreferrer\">just read<\/a>, that the CVE-2017-15361 vulnerability within the Surface Pro 3 TPM chips could cause attackers to bypass cryptographic functions and grab keys for bitlockers, PGP, YubiKey, or disk encryption in Chrome OS.&nbsp; <\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" src=\"https:\/\/web.archive.org\/web\/20191115094532\/https:\/\/f13.imgup.net\/surface04e588.jpg\" width=\"606\" height=\"341\"><br \/>(Source: Microsoft)  <\/p>\n<p>To find out exactly which Infineon TPM chips are affected by CVE-2017-15361, please visit <a href=\"https:\/\/www.cvedetails.com\/cve\/CVE-2017-15361\/\" target=\"_blank\" rel=\"noopener noreferrer\">this website<\/a>. For affected devices, the device manufacturers probably provide a firmware update for the TPM chip. Microsoft has done this for Surface Pro 3, but the TPM update will probably have to be installed manually.<\/p>\n<p>Microsoft has published <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4073006\/security-issue-for-tpm-on-surface-devices\" target=\"_blank\" rel=\"noopener noreferrer\">KB4073006<\/a> about updating the TPM on Surface devices on Jun 2018. There is also an article <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4100374\/surface-pro-3-trusted-platform-module-tpm-update-tool\" target=\"_blank\" rel=\"noopener noreferrer\">Install and use the Surface Pro 3 Trusted Platform Module (TPM) update tool<\/a> from July 2018, that addresses this topic. German MVP and blogger Ralf Eiberger has also a (German) blog post <a href=\"https:\/\/www.surfaceinside.de\/tpm-update-beim-surface-pro-3\/\" target=\"_blank\" rel=\"noopener noreferrer\">TPM Update beim Surface Pro 3<\/a> (<a href=\"https:\/\/translate.google.com\/translate?hl=de&amp;sl=auto&amp;tl=en&amp;u=https%3A%2F%2Fwww.surfaceinside.de%2Ftpm-update-beim-surface-pro-3%2F\" target=\"_blank\" rel=\"noopener noreferrer\">Google Translate<\/a>), describing in detail, how to update TPM on a Surface Pro 3. <\/p>\n<p><strong>Similar articles:<\/strong><br \/><a href=\"https:\/\/borncity.com\/win\/2018\/08\/30\/sicherheit-angriff-auf-tpm-und-intel-me-dump\/\">Security: TPM vulnerable; and dump mode for Intel ME<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2018\/01\/29\/microsoft-surface-tpm-updates-coil-whine-and-lte-image\/\">Microsoft Surface: TPM updates, coil whine and LTE image<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]Microsoft have been used TPM chips from Infineon in Surface Pro 3. These chips probably contain vulnerabilities in some versions. Affected owners of a Surface Pro 3 should therefore install an TPM update.&nbsp;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[448,580],"tags":[69,114],"class_list":["post-7519","post","type-post","status-publish","format-standard","hentry","category-devices","category-security","tag-security","tag-surface-pro-3"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/7519","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=7519"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/7519\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=7519"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=7519"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=7519"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}