About security vulnerability of Infineon's TPM

Release Date: Oct 26, 2017
Updated: Jan 30, 2018

Information about security vulnerability of Infineon's TPM (Trusted Platform Module) was announced.
And Microsoft released updates for workaround, Infineon released new firmware of TPM chip.
We will show the information below.
Please be advised that the information will be changed or added without notice.

Vulnerability summary

Regarding details, please refer below Microsoft and Intel site.


- Intel site

- Microsoft site

Content of countermeasure

Affected products are the models below which have TPM with specified "Manufacturer Version".

Target models

In case OS is Windows 7, the PC is affected only if
BitLocker is enabled,
or Infineon TPM professional Package is installed,
or other software which uses RSA key-pair generated by TPM chip is used.

  • ・TOUGHBOOK series:
    CF-20, CF-31, CF-33, CF-53, CF-54, CF-AX3, CF-C2, CF-D1, CF-LX3, CF-MX4,
    CF-SX4, CF-SZ6, CF-XZ6 series
  • ・TOUGHPAD series:
    FZ-G1, FZ-M1, FZ-Q1, FZ-Q2, FZ-R1, FZ-Y1 series

TPM information

* TPM Manufacturer information can be checked by
1.Press Windows key + "R" key.
2.Input "tpm.msc", and press [OK].

If "Compatible TPM cannot be found" message is displayed, the PC is not affected.


TPM Manufacturer Information

Manufacturer Name Manufacturer Version Specification version
IFX 4.32.xxx 1.2
4.40.xxx
5.51.xxx 2.0
5.61.xxx

Please check the information on the following TPM specification version.

Specification version OS Countermeasure module
1.2 Windows 10
Windows 7
Download
Released on November 14, 2017
Windows 8.1
Download
Released on January 30, 2018
2.0 Windows 10
Download
Released on November 28, 2017