If you are a PC user, you may have heard the term TPM 2.0. This is a Windows 11 requirement that Microsoft made it mandatory for system installation. That decision, which angered many users who did not have this chip in their computers, was justified by the security benefits it offered.
The Trusted Platform Module version 2.0 was billed as a security feature to power strong authentication, password storage, and encryption functions. However, two vulnerabilities have recently been detected in the TPM 2.0 specification.
What is the problem with TPM 2.0
According to Trusted Computing Groupthe non-profit organization behind the specification, the vulnerability status of TPM 2.0 is presented in a scenario of buffer overflowalso know as buffer overflow. In other words, a type of vulnerability widely used to execute attacks, although these must be directed.
The two vulnerabilities, which have been classified as CVE-2023-1017 and CVE-2023-1018, must be exploited locally on the computer and with code specifically designed for this purpose. However, the attackers could resort to various methods to accomplish their mission without necessarily being in front of the victim’s computer.
Remember that a memory overflow occurs when a program exceeds the memory limit and write data in the adjacent space. Specifically, the problem with TPM 2.0 lies in its module library, which allows an additional 2 bytes to be written or read beyond what is established in the CryptParameterDecryption routine.
If attackers manage to overflow its memory capacity, as if it were a glass of water, they could block TPM 2.0, which would nullify its security features. In addition, the researchers explain, it would be possible to execute arbitrary code within the protected memory and access sensitive data.
The solution is on the way
The TPM 2.0 security flaw can be resolved by installing a firmware update on the affected devices. Companies, for their part, have begun to take action on the matter and Lenovo, which is the world’s largest PC manufacturer, just issued a security advisory warning its users.
It is still too early to calculate the scope and real risks of the mentioned vulnerabilities. However, it is important to take them into account in case the manufacturer of our computer releases a new version of the firmware. A simple update can help us avoid potential security problems.
Images: Microsoft
In Xataka: Windows 12 in sight: Intel and Microsoft give clues to a new version focused, of course, on AI