Kudos1 Estadisticas

TPM 2.0 vulnerabilities make Microsoft look like clowns

So much for the Microsoft "bully pulpit" for TPM just to install and run Windows 11 legally. 

Very disturbing quote from the article:

To make matters worse, the CERT Coordination Center at Carnegie Mellon University published an alert in which it warned that an exploit leveraging these vulnerabilities would be essentially “undetectable” by the devices themselves as well as the best antivirus software


 CVE 2023-1017 and CVE-2023-1018

The general recommendation for vendors:

Fortunately, the Trusted Computing Group (TCG) has come up with a fix for now in a new security bulletin (PDF). Basically, it involves vendors moving to a fixed version of the Trusted Platform Module specification, more specifically either of the ones listed below:

  • TMP 2.0 v1.59 Errata version 1.4 or higher
  • TMP 2.0 v1.38 Errata version 1.13 or higher
  • TMP 2.0 v1.16 Errata version 1.6 or higher


MS Certified Professional Windows 11 Home 22H2 x 64 build 22621.1702 - Windows 10 Pro x 64 version 22H2 / build 19045.3031 / Norton Security Ultra - Norton 360 Deluxe ver. / Opera GX LVL4 (core: 98.0.4759.74) 64 bit-Early Access w/Norton Chrome Extensions