Share this article

Latest news

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low

Copilot in Outlook will generate personalized themes for you to customize the app

Microsoft will raise the price of its 365 Suite to include AI capabilities

Death Stranding Director’s Cut is now Xbox X|S at a huge discount

Outlook will let users create custom account icons so they can tell their accounts apart easier

TPM Windows devices aren’t that safe, according to researchers

3 min. read

Updated onOctober 4, 2023

updated onOctober 4, 2023

Share this article

Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more

Key notes

Needless to say, ever since the Redmond tech company first announced Windows 11 as the future OS, there has been endless talk about some of thehardware requirementsthat devices need to fulfill.

Many didn’t agree with the imposed TPM 2.0 restrictions and this subject has sparked reactions of all kinds from Windows users.

Microsoft held its ground and kept reassuring people that this TPM requirement is for their own safety, because of the enhanced level of protection it was going to offer.

However, some experts recently found that even with these security chips in place, we still can’t be entirely safe from malicious entities, on the off chance that someone gets their hands on ourWindows 11device.

We’re not as safe as Microsoft wants you to think

We’re not as safe as Microsoft wants you to think

The tech giant showed an iron will when it came to not cracking under public pressure, especially after the backlash that theTPM 2.0requirement brought with it from the community.

They advertised this hardware feature as it if was their own andsaid that users were going to be protected because of this tiny chip.

Trusted Platform Module (TPM) technology is designed to provide hardware-based, security-related functions. A TPM chip is a secure crypto-processor that is designed to carry out cryptographic operations. The chip includes multiple physical security mechanisms to make it tamper-resistant, and malicious software is unable to tamper with the security functions of the TPM.

Experts from Dolos Groupfound out that, in fact, if one of us were to lose his laptop or have it stolen, TPM could do little to prevent hackers from wreaking havoc.

At the time of this writing, BitLocker does not utilize any encrypted communication features of the TPM 2.0 standard, which means any data coming out of the TPM is coming out in plaintext, including the decryption key for Windows. If we can grab that key, we should be able to decrypt the drive, get access to the VPN client config, and maybe get access to the internal network.

By using this exploit together with other ingenious schemes, researchers were able to take a stolen corporate laptop (as a scenario) and effectively gain access to its associated corporate network, leaving data exposed and vulnerable.

As they further described, after cracking open said laptop, a pre-equipped attacker would use a SOIC-8 clip instead of individual probes, in order to compromise the TPM security chip.

The clip would make it extremely simple to connect to the chip and shave a couple of minutes off a real-world attack.

The entire process is explained in full detail and it is an interesting read if you have a vast technical background and are into this kind of knowledge.

This is disconcerting news, considering that Microsoft made such a big deal about us upgrading to devices that already have such security features integrated.

With that being said, the Redmond-based tech company could do a better job at offering a more secure future for BitLocker, one where such hacking methods are no longer possible.

You might also like to know that you can install Microsoft’s upcoming operating systemeven without the imposed TPM requirement.

What is your take on this whole situation? Share your opinion with us in the comments section below.

More about the topics:Windows 11

Alexandru Poloboc

Tech Journalist

With an overpowering desire to always get to the bottom of things and uncover the truth, Alex spent most of his time working as a news reporter, anchor, as well as TV and radio entertainment show host.

A certified gadget freak, he always feels the need to surround himself with next-generation electronics.

When he is not working, he splits his free time between making music, gaming, playing football, basketball and taking his dogs on adventures.

User forum

0 messages

Sort by:LatestOldestMost Votes

Comment*

Name*

Email*

Commenting as.Not you?

Save information for future comments

Comment

Δ

Alexandru Poloboc

Tech Journalist

With a desire to always get to the bottom of things and uncover the truth, Alex spent most of his time working as a news reporter.