Resolution
Recommended Actions:
Step 1: Apply All Microsoft® Windows Operating Systems Security Updates.
Step 2: Determine devices in your organization that are affected - Use event log entries.
NOTE: After the applicable Windows update is applied, the system will generate Event ID 1794 in the Event Viewer after each reboot under Windows Logs - System when vulnerable firmware is identified. On devices running Windows 10 that have the October 2017 security update installed, in a CMD prompt, type "TPM.MSC" to open the Trusted Platform Module (TPM) Management snap-in. Devices with affected TPM modules will display the following error message: (Shown Below)
IMPORTANT NOTE: Refer to Microsoft® Security TechCenter document before clearing & resetting TPM keys
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV170012 )
Downloads here
* What is a TPM?
Trusted Platform Module (TPM) is an international standard for a secure cryptoprocessors that can securely store critical data such as passwords, certificates and encryption keys. TPM is a dedicated microcontroller designed to secure hardware by integrating cryptographic keys into devices and is used for secured crypto processes within computing devices as well as for secured storage of critical data. TPMs are typically used in business laptops, routers and embedded and IoT devices. The technical TPM specification was written by an industry consortium called Trusted Computing Group (TCG).
Recommended Actions:
Step 1: Apply All Microsoft® Windows Operating Systems Security Updates.
Step 2: Determine devices in your organization that are affected - Use event log entries.
NOTE: After the applicable Windows update is applied, the system will generate Event ID 1794 in the Event Viewer after each reboot under Windows Logs - System when vulnerable firmware is identified. On devices running Windows 10 that have the October 2017 security update installed, in a CMD prompt, type "TPM.MSC" to open the Trusted Platform Module (TPM) Management snap-in. Devices with affected TPM modules will display the following error message: (Shown Below)
- "The TPM is ready for use. The TPM firmware on this PC has a known security problem. Please contact your PC manufacturer to find out if an update is available. For more information please go to https://go.microsoft.com/fwlink/?linkid=852572."
- If you determine that you do not have an Infineon® TPM capable system then no further action is required.
- If your PC is affected, go to Step 3 below to locate your PC model and firmware availability.
- If your firmware is not available, Microsoft® has provided the following mitigation process that is recommened until the release of the firmware update package.
- Microsoft® Security TechCenter - https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV170012
- If your firmware is not available, Microsoft® has provided the following mitigation process that is recommened until the release of the firmware update package.
IMPORTANT NOTE: Refer to Microsoft® Security TechCenter document before clearing & resetting TPM keys
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV170012 )Downloads here
* What is a TPM?
Trusted Platform Module (TPM) is an international standard for a secure cryptoprocessors that can securely store critical data such as passwords, certificates and encryption keys. TPM is a dedicated microcontroller designed to secure hardware by integrating cryptographic keys into devices and is used for secured crypto processes within computing devices as well as for secured storage of critical data. TPMs are typically used in business laptops, routers and embedded and IoT devices. The technical TPM specification was written by an industry consortium called Trusted Computing Group (TCG).
