A pair of new vulnerabilities have been found within the TPM 2.0 Library by a cybersecurity company by the name of Quarkslab. These vulnerabilities have the potential to be a threat to billions of devices
These vulnerabilities involve the Trusted Platform Module, TPM for short, which is, ironically, used to improve the security of your PC and securely create and store cryptographic keys, to confirm that the operating system and firmware on your device are what they’re supposed to be and haven’t been tampered with. TPM is one of the requirements for Windows 11. According to QuarksLab two vulnerabilities CVE-2023-1017 and CVE-2023-1018 have been found in TPM 2.0 which concern an out-of-bounds-write and an out-of-bounds-read. These issues require the attacker to really know what they are doing for them to take advantage of these vulnerabilities.
The Trusted Computing Group (TCG) which is behind the TPM standard have released an errata on how to address these vulnerabilities and noted that “these shortcomings are the result of a lack of necessary length checks, resulting in buffer overflows that could pave the way for local information disclosure or escalation of privileges.” TCG recommends that vendors should apply the updates to address the flaws, which for us means that we will likely see an update from major hardware vendors to address this issue shortly.
What do you think of this? Let us know in the comments.
AMD has launched (thanks Wccftech) its new Ryzen 7 8745H APU, a part of the…
MSI has announced a new BIOS update in mid-August to address stability issues with Intel’s…
Many PC models from top brands have faced security breaches due to a weak BIOS…
Ahoy, Straw Hat fans! The wait is finally over. The beloved RPG adventure, ONE PIECE…
【Wireless & 1800mAh Battery Operated】Touch lamps bedside use a rechargeable large capacity battery of 1800mAh,…
Click to open expanded view F Energy efficiency label Product Sheet Lepro GU10 LED Bulbs, Warm White…