Infineon TPM Vulnerability

The information below includes a description of the vulnerability and details the steps recommended by Infineon and Fujitsu that users should take to secure affected product lines.

Summary:

A vulnerability in Infineon TPM hardware has been discovered recently with outdated TPM firmware using an algorithm that generates weaker RSA keys. This page provides information on how to update outdated TPM firmware.

For more detailed information please refer to the Infineon web site.

Microsoft has published additional information relating to operating systems. For detailed information please refer to the Microsoft web site.

Recommended steps:

1. Consult the list of affected Fujitsu systems.
2. To download the respective updates for your system, please go to the Fujitsu Support page and perform the following steps:

Select Product.
Select Series.
Select Model.
Press Go.
Download and install the latest BIOS and/or firmware update package.

Affected Products:

A number of Fujitsu products are affected by these vulnerabilities. Fujitsu is working to distribute patches for all affected products that are currently supported. Older systems that are no longer supported will not be patched.

Fujitsu is providing an easy to use Windows-based tool for end customers to identify whether a TPM is installed in their system. If the tool finds a TPM in the system, then it will show the relevant TPM and firmware version. This tool can be found here: TPM Information Tool
Please note: for some affected products, TPM was sold as an optional component. This means that not all systems are affected by this issue.

An overview of the affected Client Computing Devices can be found here

Infineon web site

Microsoft web site

Fujitsu Support page