Information Disclosure, Denial of Service, Escalation of Privilege
Source: HP, HP Product Security Response Team (PSRT)
Reported by: Seunghun Han, National Security Research Institute
Potential security vulnerabilities have been identified with the Trusted Platform Module (TPM) that allow an unauthorized third party to modify the TPM configuration following an S3 Resume, allowing unauthorized access to the system and its data.
HP has identified the affected platforms and target dates for Softpaqs. See the affected platforms listed below.
> note:
>
> This bulletin will be updated. Check back frequently for updates. HP recommends keeping your system up to date with the latest firmware and software.
Pending: Softpaq is in progress.
Under investigation: System under investigation for impact, or Softpaq under investigation for feasibility/availability.
Not available: Softpaq not available due to technical or logistical constraints.