Unauthorized access, elevation of privilege.
Source: HP, HP Product Security Response Team (PSRT)
Reported By: CTS-Labs
SUPPORT COMMUNICATION- SECURITY BULLETIN
Document ID: c06154544
Version: 2
HPSBHF03593 rev. 2 - Firmware Trusted Platform Module (fTPM) for Select AMD Client Systems
Notice: The information in this security bulletin should be acted upon as soon as possible.
Release date : 28-Sep-2018
Last updated : 07-Feb-2019
A security vulnerability has been identified in specific versions of the AMD firmware-based Trusted Platform Module (fTPM). The fTPM is used only on AMD platforms (see platform list below) in place of a discrete hardware-based Trusted Platform Module (TPM). This vulnerability can potentially compromise applications that utilize the fTPM.
Affected platforms have a softpaq with a firmware update for the fTPM.
CVE-N/A, PSR-2018-0233:
AMD fTPM (in English)
Microsoft operating systems
For a PGP signed version of this security bulletin, please write to:
hp-security-alert@hp.com.
CVSS 3.0 Base Metrics
|
Reference
|
Base Vector
|
Base Score
|
|
CVE-N/A
|
N/A
|
N/A
|
-
Run the Softpaq update.
-
Run TPM.MSC: Press the Win
+
R keys to open Run, type
tpm.msc, and then click/tap on
OK to open the TPM Management snap-in.
-
Check the Manufacturer version for the TPM.
-
This means AMD fTPM is enabled
-
This is the AMD fTPM version
-
-
If the Manufacturer Version starts with a 3, it is necessary to clear the TPM to fully mitigate the vulnerability.
caution:
Failure to properly prepare your system before clearing the TPM may cause data protected by a TPM key to become unavailable. Read the following section completely before continuing.
Before using any of the clear TPM instructions, follow all OS recommended preparations to disable or suspend software or system features that depend on the TPM protections (for example, precautions to take before clearing the TPM in Microsoft Windows).
-
Disable or suspend all applications and services that use the TPM.
note:
The most common use of the TPM is Microsoft Bitlocker. -
Back up all TPM protected data.
-
HP recommends that customers using Microsoft Windows on the latest HP products follow the Clear TPM instructions provided on the following Microsoft website: https://docs.microsoft.com/en-us/windows/security/information-protection/tpm/initialize-and-configure-ownership-of-the-tpm (in English).
note:
On some HP systems, the system BIOS (UEFI) might prompt the user to accept the request to clear the TPM via Windows TPM.MSC. Users must accept the change to complete clearing the TPM. Do not accept the request if this message is shown and you have not initiated clearing the TPM; instead contact your administrator.
This bulletin will be updated; check back frequently for updates. HP is identifying affected platforms and target dates for SoftPaqs. See the current list below.
Consumer PCs
|
Product Name
|
New Version
|
SoftPaq #
|
SoftPaq Link
|
|
HP Pavilion 23-p0xx All-in-One PC
|
80.05
|
SP87651
| |
|
HP All-in-One 18-xxxx
|
A0.15
|
SP87825
| |
|
Compaq All-in-One 18-xxxx
|
A0.15
|
SP87825
| |
|
HP 110-5xx
|
A0.16
|
SP87656
| |
|
HP 251-axxx
|
A0.16
|
SP87656
| |
|
HP Pavilion 550-axxx
|
A0.16
|
SP87656
| |
|
HP Slimline 450-axxx
|
A0.16
|
SP87656
| |
|
Compaq 100-xxx
|
A0.16
|
SP87656
| |
|
HP 110-5xx
|
A0.16
|
SP87656
| |
|
HP All-in-One 22-2xxx
|
Not Available
|
Not Available
|
Not Available
|
|
HP All-in-One 19-3xxx
|
Not Available
|
Not Available
|
Not Available
|
|
HP All-in-One 19-2xxx
|
Not Available
|
Not Available
|
Not Available
|
|
HP Pavilion 550-axxx
|
A0.17
|
SP87637
| |
|
HP ENVY 750-xxx
|
Not Available
|
Not Available
|
Not Available
|
|
HP Pavilion 550-xxx
|
Not Available
|
Not Available
|
Not Available
|
|
HP All-in-One 20-rxxx
|
Not Available
|
Not Available
|
Not Available
|
|
HP All-in-One 23-rxxx
|
Not Available
|
Not Available
|
Not Available
|
|
HP All-in-One 22-3xxx
|
Not Available
|
Not Available
|
Not Available
|
|
HP All-in-One 20-exxx
|
Not Available
|
Not Available
|
Not Available
|
|
HP Pavilion All-in-One 22-axxx
|
Not Available
|
Not Available
|
Not Available
|
|
HP Pavilion All-in-One 23-qxxx
|
Not Available
|
Not Available
|
Not Available
|
|
HP 251-axx
|
A0.14
|
SP87330
| |
|
HP Slimline 450-axxx
|
A0.14
|
SP87330
| |
|
HP Pavilion 500-xxx
|
Not Available
|
Not Available
|
Not Available
|
|
HP Pavilion 510-pxxx
|
F.21
|
SP87083
| |
|
HP All-in-One 20-cxxx
|
F.41
|
SP87538
| |
|
HP All-in-One 22-bxxx
|
F.41
|
SP87538
| |
|
HP All-in-One 24-gxxx
|
F.41
|
SP87538
| |
|
HP Pavilion All-in-One 24-bxxx
|
F.42
|
SP87152
| |
|
HP Pavilion All-in-One 24-bxxx
|
F.41
|
SP87155
| |
|
HP OMEN 870-0xx
|
F.41
|
SP87155
| |
|
HP Slimline 260-axxx
|
F.31
|
SP87792
| |
|
HP 460-axxx
|
F.31
|
SP87792
| |
|
HP Pavilion 510-axxx
|
F.31
|
SP87792
| |
|
HP All-in-One 20-cxxx
|
F.24
|
SP87146
| |
|
HP All-in-One 22-bxxx
|
F.24
|
SP87146
| |
|
HP All-in-One 24-exxx
|
F.24
|
SP87146
| |
|
HP Pavilion All-in-One 24-xxxx
|
F.12
|
SP87097
| |
|
HP Pavilion All-in-One 24-xxxx
|
F.12
|
SP87101
| |
|
HP Pavilion Power 580-1xx
|
F.22
|
SP87363
| |
|
HP ENVY 750-6xx
|
F.22
|
SP87363
| |
|
HP Pavilion All-in-One 27-rxxx
|
F.12
|
SP87094
| |
|
HP Pavilion All-in-One 24-rxxx
|
F.12
|
SP87099
| |
|
HP Pavilion All-in-One 27-rxxx
|
F.12
|
SP87099
| |
|
HP OMEN 880-xxx
|
F.11
|
SP87263
| |
|
HP Slimline 270-axxx
|
F.23
|
SP87079
| |
|
HP Pavilion 570-axxx
|
F.23
|
SP87079
| |
|
HP Pavilion 570-pxxx
|
F.23
|
SP87082
| |
|
HP Pavilion All-in-One 24-rxxx
|
F.01
|
SP85268
| |
|
HP All-in-One 22-cxxx
|
F.04
|
SP87147
| |
|
HP All-in-One 24-fxxxx
|
F.04
|
SP87147
| |
|
HP Pavilion 590-pxxxx (ROM Family SSID 8433)
|
F.08
|
SP87366
| |
|
HP Pavilion 590-pxxxx (ROM Family SSID 8434)
|
F.08
|
SP87367
| |
|
HP Pavilion 590-axxxx (ROM Family SSID 8435)
|
F.08
|
SP87368
| |
|
HP Pavilion 590-axxxx (ROM Family SSID 8436)
|
F.05
|
SP87204
| |
|
HP Slimline 290-axxxx
|
F.03
|
SP87205
| |
|
HP Pavilion 15-p000~15-p099
|
F.46
|
SP87479
| |
|
HP Pavilion 15-p100~15-p199
|
F.46
|
SP87479
| |
|
HP Pavilion 17-f000~17-f099
|
F.46
|
sp87479
| |
|
HP Pavilion 17-f100~17-f199
|
F.46
|
sp87479
| |
|
HP Envy 15-q1xx
|
F.27
|
SP87172
| |
|
HP 15-e000~HP 15-e099
|
F.48
|
SP87348
| |
|
Compaq 15-b000~Compaq 15-b099
|
F.48
|
SP87348
| |
|
HP 15-e100~HP 15-e199
|
F.48
|
SP87348
| |
|
Compaq 15-b100~Compaq 15-b199
|
F.48
|
SP87348
| |
|
HP 14-g000~HP 14-g099
|
F.48
|
SP87348
| |
|
Compaq 14-h000~Compaq 14-h099
|
F.48
|
SP87348
| |
|
HP Pavilion 14-v000~14-v099
|
F.46
|
sp87479
| |
|
HP Pavilion 14-v100~14-v199
|
F.46
|
sp87479
| |
|
HP Pavilion x360 13-a0XX
|
F.16
|
SP87345
| |
|
HP 14-w0xx
|
F.40
|
SP87356
| |
|
HP 15-f0xx
|
F.40
|
SP87356
| |
|
HP 15-f1xx
|
F.42
|
SP87182
| |
|
HP Pavilion 15-p200~15-p299
|
F.46
|
sp87479
| |
|
HP Pavilion 15-p200~15-p399
|
F.46
|
sp87479
| |
|
HP 17-p000 ~ 17-p099
|
F.18
|
SP87268
| |
|
HP 17-p100 ~ 17-p199
|
F.18
|
SP87268
| |
|
HP Pavilion 17-f200~17-f299
|
F.46
|
sp87479
| |
|
HP Envy 15-q2xx
|
F.27
|
SP87172
| |
|
HP 15-e200~HP 15-e299
|
F.48
|
SP87348
| |
|
Compaq 15-b200~Compaq 15-b299
|
F.48
|
SP87348
| |
|
HP 15-g300~HP 15-g399
|
F.48
|
SP87348
| |
|
HP Pavilion 15-ab000~15-ab099
|
F.52
|
SP90267
| |
|
HP Pavilion 15-ab100~15-ab199
|
F.52
|
SP90267
| |
|
HP 14-g100~HP 14-g199
|
F.48
|
SP87348
| |
|
Compaq 14-h100~Compaq 14-h199
|
F.48
|
SP87348
| |
|
HP 14-af0XX
|
F.21
|
SP91343
| |
|
HP 14-af1XX
|
F.21
|
SP91343
| |
|
HP Pavilion 14-ab000~14-ab099
|
F.52
|
SP90267
| |
|
HP Pavilion 14-ab100~14-ab199
|
F.52
|
SP90267
| |
|
HP Pavilion 14-v200~14-v299
|
F.46
|
sp87479
| |
|
HP Pavilion x360 13-a1XX
|
F.16
|
SP87345
| |
|
HP ENVY m6-p000 ~ m6-p099
|
F.19
|
sp87581
| |
|
HP ENVY 15-ah000 ~ 15-ah099
|
F.19
|
sp87581
| |
|
HP ENVY m6-p100 ~ m6-p199
|
F.19
|
sp87581
| |
|
HP ENVY 15-ah100 ~ 15-ah199
|
F.19
|
sp87581
| |
|
HP Pavilion 17-g000~17-g099
|
F.52
|
SP90267
| |
|
HP Pavilion 17-g100~17-g199
|
F.52
|
SP90267
| |
|
HP 14-w1xx
|
F.40
|
SP87356
| |
|
HP 15-f3xx
|
F.42
|
SP87182
| |
|
HP 15-af0XX
|
F.25
|
SP87665
| |
|
HP 15-af1XX
|
F.25
|
SP87665
| |
|
HP Pavilion 15-aw001 ~ 15-aw099
|
F.29
|
SP87548
| |
|
ENVY x360 m6-ar0XX
|
F.20
|
SP87179
| |
|
ENVY x360 15-ar0XX
|
F.20
|
SP87179
| |
|
HP 15-ba000 ~ 15-ba099
|
F.32
|
SP87426
| |
|
HP 15-ba100 ~ 15-ba199
|
F.32
|
SP87426
| |
|
HP 14-an000 ~ 14-an099
|
F.31
|
SP87417
| |
|
HP Pavilion 14-av001 ~ 14-av099
|
F.27
|
SP87388
| |
|
HP 17-y000~17-y099
|
F.40
|
SP87652
| |
|
HP 17-y500 - 17-y599
|
F.40
|
SP87652
| |
|
HP 17-ak000 ~ 17-ak099
|
F.08
|
SP87058
| |
|
HP Pavilion 15-cd001 ~ 15-cd099
|
F.23
|
sp87116
| |
|
HP Pavilion 17-ar001 ~ 17-ar099
|
F.23
|
sp87116
| |
|
HP 15-bw0xx
|
F.23
|
SP87191
| |
|
HP 15g-bx0xx
|
F.23
|
SP87191
| |
|
HP 15q-by0xx
|
F.23
|
SP87191
| |
|
HP 14-bw0xx
|
F.23
|
SP87157
| |
|
HP 14g-bx0xx
|
F.23
|
SP87157
| |
|
HP 14q-by0xx
|
F.23
|
SP87157
| |
|
HP ENVY x360 m6-bq0xx
|
F.08
|
SP87124
| |
|
HP ENVY x360 15-bq0xx
|
F.08
|
SP87124
| |
|
HP ENVY x360 m6-bq1xx
|
F.17
|
SP87238
| |
|
HP ENVY x360 15-bq1xx
|
F.17
|
SP87238
| |
|
HP 17-ca0000~17-ca0999
|
F.04
|
SP87285
| |
|
HP 14-cg0xxx
|
F.04
|
SP87286
| |
|
HP 14g-cg0xxx
|
F.04
|
SP87286
| |
|
HP 14q-cg0xxx
|
F.04
|
SP87286
| |
|
HP 15-da0000 ~ 15-da0099
|
F.03
|
SP87561
| |
|
HP 15g-da0000 ~ 15g-da0099
|
F.03
|
SP87561
| |
|
HP 15q-da0000 ~ 15q-da0099
|
F.03
|
SP87561
| |
|
HP 255 G1
|
F.49
|
SP88265
| |
|
HP 255 G3
|
F.48
|
SP87348
| |
|
HP 245 G3
|
F.48
|
SP87348
| |
|
HP 245 G4
|
F.21
|
SP91343
| |
|
HP 255 G4
|
F.25
|
SP87665
| |
|
HP 255 G5
|
F.32
|
SP87426
| |
|
HP 240 G5 Notebook PC
|
F.31
|
SP87417
| |
|
HP 245 G5 Notebook PC
|
F.31
|
SP87417
| |
|
HP 255 G6
|
F.23
|
SP87191
| |
|
HP 245 G6
|
F.23
|
SP87157
|
Pending: SoftPaq is in progress.
Under Investigation: SoftPaq is being investigated for feasibility and availability.
Not Available: SoftPaq not available due to technical or logistical constraints.
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, visit
https://www.hp.com/go/contacthp to learn about your HP support options.
Report: To report a potential security vulnerability with any HP supported product, send email to:
hp-security-alert@hp.com.
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via email, visit
https://www.hp.com/go/alerts.
Security Bulletin Archive: To view released Security Bulletins, search the
HP Support Site for "security bulletin".
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
|
PI
|
HP Printing and Imaging
|
|
HF
|
HP Hardware and Firmware
|
|
GN
|
HP General Software
|
It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information.
To get the security-alert PGP key, please send an e-mail message as follows:
Subject: get key
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
REVISION HISTORY :
Version:1 - 28 September 2018 Initial Release. Version: 2 - 7 February 2019 Updated pending Consumer PC products with new softpaqs.
© Copyright 2023 HP Development Company, L.P.
HP Inc. shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. HP Inc. and the names of HP products referenced herein are trademarks of HP Inc. in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
Enter a topic to search our knowledge library
What can we help you with?
Need Help?