Infineon TPM Vulnerability
The information below includes a description of the vulnerability and details the steps recommended by Infineon and Fujitsu that users should take to secure affected product lines.
Infineon TPM chipsets that come with many modern-day motherboards generate insecure RSA encryption keys that put devices at risk of attack. TPM stands for Trusted Platform Module (TPM), which is. Upgrading the Firmware on Infineon TPM's. In early October of 2017, researchers announced, publicly, a cryptographic vulnerability in the RSA generation algorithms found within practically every TPM, using Infineon's RSA library. This vulnerability would effectively allow an attacker to easily guess the private key component of the RSA key.
Summary:
A vulnerability in Infineon TPM hardware has been discovered recently with outdated TPM firmware using an algorithm that generates weaker RSA keys. This page provides information on how to update outdated TPM firmware.
A vulnerability was identified in the RSA key generation method used by Trusted Platform Modules (TPMs) manufactured by Infineon and contained in some Lenovo products. RSA public keys generated by the Infineon TPM for use by certain software programs should be considered insecure. No TPMs from other manufacturers are affected.
For more detailed information please refer to the Infineon web site.
emptyMicrosoft has published additional information relating to operating systems. For detailed information please refer to the Microsoft web site.
Infineon Tpm Software
Recommended steps:
- To download the respective updates for your system, please go to the Fujitsu Support page and perform the following steps:
- Select Product.
- Select Series.
- Select Model.
- Press Go.
- Download and install the latest BIOS and/or firmware update package.
Infineon Tpm Driver
Affected Products:
A number of Fujitsu products are affected by these vulnerabilities. Fujitsu is working to distribute patches for all affected products that are currently supported. Older systems that are no longer supported will not be patched.
Fujitsu is providing an easy to use Windows-based tool for end customers to identify whether a TPM is installed in their system. If the tool finds a TPM in the system, then it will show the relevant TPM and firmware version. This tool can be found here: TPM Information Tool
Please note: for some affected products, TPM was sold as an optional component. This means that not all systems are affected by this issue.
An overview of the affected Client Computing Devices can be found here:
| Model Name | Original FW Version | Updated FW Version | Minimum BIOS Ver | Update Type | Update Tool1 |
| LIFEBOOK E544 LIFEBOOK E554 | FW4.32 | FW4.34 | No Dependency | FW Update Utility | FPC48-2383-01 Infineon TPM1.2 Firmware Update V4.34 |
| LIFEBOOK E546 LIFEBOOK E556 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
| LIFEBOOK E546 LIFEBOOK E556 | FW5.51 | FW5.62 | vPro V1.18 non-vPro V1.25 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
| LIFEBOOK E547 LIFEBOOK E557 | FW5.61 | FW5.62 | vPro V1.13 non-vPro V1.09 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
| LIFEBOOK E734 LIFEBOOK E744 LIFEBOOK E754 | FW4.32 | FW4.34 | No Dependency | FW Update Utility | FPC48-2383-01 Infineon TPM1.2 Firmware Update V4.34 |
| LIFEBOOK E736 LIFEBOOK E746 LIFEBOOK E756 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
| LIFEBOOK E736 LIFEBOOK E746 LIFEBOOK E756 | FW5.51 | FW5.62 | vPro V1.21 non-vPro V1.27 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
| LIFEBOOK P727 | FW5.61 | FW5.62 | V1.12 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
| LIFEBOOK T725 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
| LIFEBOOK T726 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
| LIFEBOOK T726 | FW5.51 | FW5.62 | V1.15 | BIOS update and FW Tool2 | FPC48-2381-01 Infineon TPM2.0 Firmware Update Tool V1.0.0 |
| LIFEBOOK T734 | FW4.32 | FW4.34 | No Dependency | FW Update Utility | FPC48-2383-01 Infineon TPM1.2 Firmware Update V4.34 |
| LIFEBOOK T904 | FW4.32 | FW4.34 | No Dependency | FW Update Utility | FPC48-2383-01 Infineon TPM1.2 Firmware Update V4.34 |
| LIFEBOOK T935 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
| LIFEBOOK T936 | FW5.51 | FW5.62 | V1.14 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
| LIFEBOOK T936 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
| LIFEBOOK T937 | FW5.61 | FW5.62 | V1.13 | BIOS update and FW Tool2 | FPC48-2381-01 Infineon TPM2.0 Firmware Update Tool V1.0.0 |
| LIFEBOOK U727 | FW5.61 | FW5.62 | V1.18 | BIOS update and FW Tool2 | FPC48-2381-01 Infineon TPM2.0 Firmware Update Tool V1.0.0 |
| LIFEBOOK U727 6th Gen | FW5.61 | FW5.62 | V1.06 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
| LIFEBOOK U745 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
| LIFEBOOK U745 | FW5.51 | FW5.62 | V1.20 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
| LIFEBOOK U747 LIFEBOOK U757 | FW5.61 | FW5.62 | V1.18 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
| LIFEBOOK U747 6th Gen LIFEBOOK U757 6th Gen | FW5.61 | FW5.62 | V1.06 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
| LIFEBOOK U904 | FW4.32 | FW4.34 | No Dependency | FW Update Utility | FPC48-2383-01 Infineon TPM1.2 Firmware Update V4.34 |
| LIFEBOOK U937 | FW5.61 | FW5.62 | V1.10 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
| STYLISTIC Q616 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
| STYLISTIC Q616 | FW5.51 | FW5.62 | V1.12 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
| STYLISTIC Q665 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
| STYLISTIC Q704 | FW4.32 | FW4.34 | No Dependency | FW Update Utility | FPC48-2383-01 Infineon TPM1.2 Firmware Update V4.34 |
| STYLISTIC Q736 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
| STYLISTIC Q736 | FW5.51 | FW5.62 | V1.15 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
| STYLISTIC Q737 | FW5.61 | FW5.62 | V1.11 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
| STYLISTIC Q775 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
| STYLISTIC R726 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
| STYLISTIC R726 | FW5.61 | FW5.62 | vPro V1.18 non-vPro V1.18 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
| 1. Please see FAI Mobile Downloads site for postings. 2. The FW Tool must be used with BIOS update, although the BIOS update can be applied separately. | |||||
WARNING:
Clearing the TPM resets it to factory defaults. All created keys will be deleted and you will therefore lose access to any data encrypted by those keys. For more detailed information regarding TPM Clear please refer also to the following Microsoft site.
* Please note that this information is subject to change without any prior notice.