Researchers highlight Windows laptop TPM vulnerabilities

News
By Robert Carnevale
published

Those Windows 11 requirements are starting to make more sense.

Surface Laptop 4 Amd 2021 Keyboard Lights
Surface Laptop 4 Amd 2021 Keyboard Lights (Image credit: Daniel Rubino / Windows Central)

What you need to know

  • Windows 11's TPM requirements have been a point of confusion and contention.
  • Researchers have just illustrated why these requirements matter.
  • They utilized TPM's plaintext data to exploit security vulnerabilities in a Windows laptop.

If you were confused by Windows 11's Trusted Platform Module (TPM) requirements and their connotations, you're not alone. Many people didn't and still don't understand what TPM technology is all about.

Before we dive into the news of what researchers have achieved via TPM exploits in Windows laptops, here's Microsoft's official definition of TPM:

"Trusted Platform Module (TPM) technology is designed to provide hardware-based, security-related functions. A TPM chip is a secure crypto-processor that is designed to carry out cryptographic operations. The chip includes multiple physical security mechanisms to make it tamper-resistant, and malicious software is unable to tamper with the security functions of the TPM."

Sounds intense, right? Well, here's the issue, as told by Dolos Group in its attempt to exploit vulnerabilities found in a Windows laptop: "At the time of this writing BitLocker does not utilize any encrypted communication features of the TPM 2.0 standard, which means any data coming out of the TPM is coming out in plaintext, including the decryption key for Windows. If we can grab that key, we should be able to decrypt the drive, get access to the VPN client config, and maybe get access to the internal network."

Dolos Group likens this to targeting a car coming out of Fort Knox rather than the fort itself. By utilizing this exploit in conjunction with other exploits, researchers were able to take a "stolen" corporate laptop and effectively sneak inside its associated corporate network, leaving data exposed and vulnerable.

The research is an intensely technical read, good for if you want to stretch your mental muscles and learn a bit about Windows exploits. With that in mind, Windows' heightened TPM requirements could forecast a more secure future for BitLocker where compromisation methods such as the one Dolos Group employed are no longer possible.

Robert Carnevale
Robert Carnevale

Robert Carnevale is the News Editor for Windows Central. He's a big fan of Kinect (it lives on in his heart), Sonic the Hedgehog, and the legendary intersection of those two titans, Sonic Free Riders. He is the author of Cold War 2395. Have a useful tip? Send it to robert.carnevale@futurenet.com.