Quarkslab security researchers discovered two major vulnerabilities in Trusted Platform Module (TPM) 2.0, which affect billions of devices.
TPM 2.0 is a chip that manufacturers have been adding to motherboards since mid-2016. The technology, as Microsoft explains, is designed to provide security-related functions, specifically to create, store, or limit the use of cryptographic keys.
The impact of the vulnerabilities varies from system to system.
A cybercriminal who has access to the TPM command interface can send malicious commands to the module and thereby exploit the vulnerabilities.
Lenovo is the only major OEM that has already released patches for these vulnerabilities.