Researchers highlight Windows laptop TPM vulnerabilities

Those Windows 11 requirements are starting to make more sense.

What you need to know

If you were confused by Windows 11’s Trusted Platform Module (TPM) requirements and their connotations, you’re not alone. Many people didn’t and still don’t understand what TPM technology is all about.

Before we dive into the news of what researchers have achieved via TPM exploits in Windows laptops, here’s Microsoft’s official definition of TPM:

“Trusted Platform Module (TPM) technology is designed to provide hardware-based, security-related functions. A TPM chip is a secure crypto-processor that is designed to carry out cryptographic operations. The chip includes multiple physical security mechanisms to make it tamper-resistant, and malicious software is unable to tamper with the security functions of the TPM.”

Sounds intense, right? Well, here’s the issue, as told by Dolos Group in its attempt to exploit vulnerabilities found in a Windows laptop: “At the time of this writing BitLocker does not utilize any encrypted communication features of the TPM 2.0 standard, which means any data coming out of the TPM is coming out in plaintext, including the decryption key for Windows. If we can grab that key, we should be able to decrypt the drive, get access to the VPN client config, and maybe get access to the internal network.”

Dolos Group likens this to targeting a car coming out of Fort Knox rather than the fort itself. By utilizing this exploit in conjunction with other exploits, researchers were able to take a “stolen” corporate laptop and effectively sneak inside its associated corporate network, leaving data exposed and vulnerable.

The research is an intensely technical read, worth your time if you want to stretch your mental muscles and learn a bit about Windows exploits. With that in mind, Windows' heightened TPM requirements could forecast a more secure future for BitLocker where compromise methods such as the one Dolos Group employed are no longer possible.

Robert Carnevale is the News Editor for Windows Central. He’s a big fan of Kinect (it lives on in his heart), Sonic the Hedgehog, and the legendary intersection of those two titans, Sonic Free Riders. He is the author of Cold War 2395. Have a useful tip? Send it to robert.carnevale@futurenet.com.