The vulnerabilities in question (tracked as CVE-2023-1017 and CVE-2023-1018) could be exploited by an attacker to escalate privileges and steal sensitive data from vulnerable devices. This would completely negate the added security that TPM 2.0 chips were designed to add to Windows 11 in the first place.

To make matters worse, the CERT Coordination Center at Carnegie Mellon University published an alert in which it warned that an exploit leveraging these vulnerabilities would be essentially “undetectable” by the devices themselves as well as the best antivirus software.

Fortunately, the Trusted Computing Group (TCG) has come up with a fix for now in a new security bulletin (PDF). Basically, it involves vendors moving to a fixed version of the Trusted Platform Module specification, more specifically either of the ones listed below:

TPM 2.0 v1.59 Errata version 1.4 or higher
TPM 2.0 v1.38 Errata version 1.13 or higher
TPM 2.0 v1.16 Errata version 1.6 or higher

Although there is a workaround to protect vulnerable PCs from these flaws, so far, only Lenovo has released a security advisory about them in which it warns that some of its systems running Nuvoton TPM 2.0 chips are vulnerable to CVE-2023-1017.

We’ll likely see other PC makers address these flaws soon but in the meantime, it’s recommended that Windows 11 users limit physical access to their devices, only use signed software from reputable vendors and apply any firmware updates as soon as they become available. It’s also worth noting that malware could be used to exploit these flaws so you’ll want to make sure that Microsoft Defender is updated and enabled.