Billions of devices running Windows 11 are vulnerable to newly discovered flaws in the Trusted Platform Module (TPM) 2.0 chips that are designed to improve their security. The TPM 2.0 chips have been added to motherboards by PC manufacturers since 2016 and are used to generate and store cryptographic keys and other sensitive data. The vulnerabilities, discovered by security experts Francisco Falcon and Ivan Arce from Quarkslab, are buffer overflow vulnerabilities that could be exploited by attackers to steal sensitive data from vulnerable devices and escalate privileges. The vulnerabilities are being tracked as CVE-2023-1017 and CVE-2023-1018 and are a cause for concern as they could put billions of devices at risk.
Despite the fact that TPM 2.0 chips were intended to make Windows 11 more secure than its predecessor, they could be completely negated by these vulnerabilities. The vulnerabilities could impact the security measures that take place when a PC first boots up and provide authentication for Windows Hello face recognition. TPM is required for some Windows security features such as Measured Boot, Device Encryption, Windows Defender System Guard (DRTM), and Device Health Attestation, but it is not required for some commonly used features. When TPM is available, however, the security features in Windows are enhanced and better able to protect sensitive information and encrypt data.
The CERT Coordination Center at Carnegie Mellon University has warned that an exploit leveraging these vulnerabilities would be essentially “undetectable” by the devices themselves as well as the best antivirus software. The Trusted Computing Group (TCG) has come up with a fix for now in a new security bulletin, which involves vendors moving to a fixed version of the Trusted Platform Module specification. PC manufacturers are expected to address these flaws soon, but in the meantime, Windows 11 users should limit physical access to their devices, only use signed software from reputable vendors, and apply any firmware updates as soon as they become available.
Users are also advised to update and enable Microsoft Defender, as malware could be used to exploit these flaws. Additionally, users may want to consider using one of the best Windows 11 antivirus software solutions for additional protection.