Windows 10: RSA Keys Generated by Infineon TPMs are Insecure

Read more: RSA Keys Generated by Infineon TPMs are Insecure

:)

 

Windows update fails repeatedly to install 1709

I get following message:

You need to remove these apps yourself and then press REFRESH: INFINEON TPM Professional Package

I search my C Drive for Infineon and find two Infineon Folders (one in AppData/Roaming and one C:/Program Data) plus a dll file "Infineon.SecurityPlatform.Reporting"

The folders contain several subfolders and files, but none named TPM Professional package.

What should I do? Delete all Infineon folders/files? Or some of them? Which?

Then, assuming 1709 installs OK, what about Infineon TPM, will the PC remain without Infineon TPM??

Or should I ignore completely the 1709 Update? Is it essential?

Thank for any help

Cheers

 

Repeated Failure with Windows 10 Update to 1709

Q: Remove Infineon TPM for Winsows Update to install 1709

I get following message:

You need to remove these apps yourself and then press REFRESH: INFINEON TPM Professional Package

I search my C Drive for Infineon and find two Infineon Folders (one in AppData/Roaming and one C:/Program Data) plus a dll file "Infineon.SecurityPlatform.Reporting"

The folders contain several subfolders and files, but none named TPM Professional package.

What should I do? Delete all Infineon folders/files? Or some of them? Which?

Then, assuming 1709 installs OK, what about Infineon TPM, will the PC remain without Infineon TPM?? Are the Infineon files really needed on the C-Drive for the system to function OK?? If so, Should I save the Infineon Folders to
a pen drive, then delete them from the C Drive, run the 1709 Update and (assuming it succeeds) then, if I really must have the Infineon in my C drive, shift the folders back to where they were before in the C Drive?

Or should I ignore completely the 1709 Update? Is it essential?

Thank for any help

Cheers

 

I'm waiting on a update from infineon as mine is a infineon chip but i can't find any updates for my firmware at MSI website as its msi but the chip is infineon, i sent infineon a email have yet to hear back as to how i get it updated.

 

Asus use the Infineon chip in their TPM's and windows is telling me that it's not secure. I won't hold out much hope of Asus up dating the bios as the number of people that are using TPM's is probably quite small - but one lives in hope.

 

This news article was generated by my post here Infineon TPM Modules generating insecure RSA Keys - Windows 10 Forums. In that post I tell you how to check which TPM module you have and where to get the fix from if you're a Lenovo notebook user.

BTW if you are a Lenovo notebook user and opted to be notified on new updates via e-mail, you should have gotten a notice on this already. See my link for more details.

With that for those owning laptops and have an Infineon chip check the manufacturer's site for an update & fix.

 

I wish its a home built system with MSI mainboard and MSI TPM chip by infineon as in the TPM.MSC it shows it as IFX and i pulled it out of the pc an its a Infineon TPM 1.2 . not sure how i can get the update for it as infineon does not provide them to end users and MSI has nothing about it on there website.

 

I edited my post while you were quoting me so they no longer align. Sorry.

Anyway, In your case I have no answer other than to perhaps point MSI tech support to the news article here, or call MSI personally and see what they have to say. Unfortunately the information from my article and the one here is generated by Lenovo, so I can't say how other vendors may be dealing with the issue - or if they even view this as an issue.

The other thing is how far back are we going here - are these new, old, or both chips. Are they only TPM 1.2, 2.0, or both? Again, we only see what Lenovo is doing, so....

 

https://www.infineon.com/cms/en/prod...es/tpm-update/ this may help more on the issue so we have more info on ti as well.

 

I was just about the post that link to you when I saw your post *Smile

Anyway cleaned up this is the same link - TPMupdate - Infineon Technologies

It looks like this issue mainly affects notebooks not desktops, but....

 

yeah seen that going to take your advice though and give MSI a phone call *Smile

 

Question - Is this a desktop or laptop?

I'm not aware of any store bought motherboards coming with TMP chips installed. Every motherboard I bought never came with one. This includes 3 Gigabyte boards, 3 Intel boards, and a couple of Abit boards.

All that said, if this is a custom desktop build, did your board actually come with a TPM chip or did you add it later? If you purchased it separately, you may be on your own.

 

it was a added on chip on my home built system i bought it with the mainboard from MSI . it's a desktop.

 

sygnus21
"I'm not aware of any store bought motherboards coming with TMP chips installed. Every motherboard I bought never came with one. This includes 3 Gigabyte boards, 3 Intel boards, and a couple of Abit boards."

My Asrock Gaming K6 has an on board TPM, fortunately it's an Intel chip. My Asus has the plug in 14-1 pin, so I'm not expecting Asus to do much. Although the TPM is made by Asus and has their name on it.

 

I didn't think it was impossible, just rare. That said, yes most newer boards will have the 14 pin plugin, my last two boards have one. In fact I bought a TPM for my Z170 board and just moved it over to my active Z270 Gigabyte board. Turns out even though the chip has Gigabyte's name on it, it's an Infineon chip. I used Lenovo's firmware updater check the chip and it say's it doesn't need the update, but I'm not sure I should trust the updater.