=========================================================================================================
 N8115-35 TPMLbg
 Trusted Platform Module(TPM) t@[EFAF 73.20
 Abvf[gc[[Xm[g (Windows)
=========================================================================================================
                                                                                        {dC
                                                                                              2020N08
yڎz
  1.\tg̏Љ
  2.ӎ
  3.Abvf[gΏۃ[U
  4.CXg[@
  5.ŗ
  6.Wђ쌠
---------------------------------------------------------------------------------------------------------

1.\tg̏Љ
{\tgEFA͈ȉ̑Ήs Trusted Platform Module(TPM)t@[EFÃAbvf[gW[łB

 EƎ㐫CVE-2019-16863(TPM-FAIL)ɑΏ邽߂̃Abvf[g܂܂Ă܂B


 {\tgEFAɊ܂܂vO
   {\tgEFAɂ́Aȉ̃vO܂܂Ă܂B

     - Windows(R)pAbvf[gvOF cp042089.exe


2. ӎ
  * Abvf[gƃVXeNȂȂ铙̏Q邱Ƃ܂B{Ō܂
    悭ǂ݌둀̂Ȃ悤Abvf[gsĂB܂Af[^ɗ\ʃANVfg
    (dAAՒfAmCY)ɂVXe듮삵dؒfꂽ肵܂ƁAň̏ꍇA@
    퓮삵ȂȂ܂B
    ̂悤ȏꍇql̂SŏCKvƂ邱Ƃ܂̂ŏ\ӂB

  * TPMt@[EFAXVƁATPM PCRlύX邽OS/AvP[V
@@ÍꂽfBXN/փANZXłȂȂ܂B
@@̂߁ATPMt@[EFAXVOTPMgpOS/AvP[V@\(Microsoft BitLocker)
@@AXVɍĐݒ肵ĂB

@* TPMt@[EFA̍XVsOɁATPMt@[EFÃAbvf[g@\T|[gVXeROM
@@KpĂ邱ƂmFĂB
@@gp̃T[oExpress5800/R110j-1AExpress5800/R110j-1(2nd-Gen)̏ꍇ̓VXeROM v1.02ȍ~A
@@ȊȌꍇ̓VXeROM v1.46ȍ~ŃAbvf[g@\T|[gĂ܂B

  * ̃t@[EFA N8115-35 TPMLbgTPM 1.22.0̓샂[hɐݒ肵ĂꍇɂKpKvłB
    샂[hTPM 1.2ɐݒ肳ĂꍇATPMt@[EFAXVO
@@TPM 2.0ɐ؂ւKv܂B
@@ݒ@ɂĂ͂gpĂT[õeiXKChQƂĂB

  * TPMt@[EFA̓AbvO[ĥ݂\łB
@  o[WŃtbVAȑÕo[WɃ_EO[h肷邱Ƃ͂ł܂B

  * zꂽ(nCp[oCU[邢̓QXgOSȂ)ɂẮA{\tgEFA͂gpɂȂ܂
    BICAbvf[ggpɂȂꍇ́A{\tgEFAΉĂzXgOSォAbvf
    [gĂB

  * {\tgEFAgpɂȂ邽߂ɂ́A iLO 5(x[X{[h}l[WgRg[) ւ̃ANZX
    s߁AStarter Pack Standard Program Package CXg[ĂKv܂B


3.Abvf[gΏۃ[U

  LIvV̑Ώۃt@[EFAo[WĝqlB

@EΏۂƂȂIvV
@@@@N8115-35 TPMLbg

  EΏۂƂȂo[W
        Trusted Platform Module(TPM)t@[EFA         : 73.0

  EڑΏۃT[o
     1. Express5800/R120h-1M
     2. Express5800/R120h-1M(2nd-Gen)
     3. Express5800/R120h-1M(3nd-Gen)
     4. Express5800/R120h-2M
     5. Express5800/R120h-2M(2nd-Gen)
     6. Express5800/R120h-2M(3nd-Gen)
     7. Express5800/R120h-1E
     8. Express5800/R120h-1E(2nd-Gen)
     9. Express5800/R120h-1E(3rd-Gen)
    10. Express5800/R120h-2E
    11. Express5800/R120h-2E(2nd-Gen)
    12. Express5800/R120h-2E(3rd-Gen)
    13. Express5800/R110j-1M
    14. Express5800/T120h
    15. Express5800/T120h(2nd-Gen)
    16. iStorage NS300Ri
    17. iStorage NS500Ri
    18. iStorage NS500Rj
    19. Express5800/R110j-1j
    20. Express5800/R110j-1j(2nd-Gen)


   jLo[WVo[WKpĂꍇ́A{\tgEFAƓ̋@\
       ɓKpĂ邽߁A{Abvf[gsKv͂܂B


   --- o[WmF@ ---

   ȉ̂ꂩ̕@ŁAΏۂƂȂTPMt@[EFẪo[WKmFĂ(1)B

  * Abvf[gΏۃT[oɂĊmFꍇ *
   < VXe[eBeBł̊mF@ >

   (1) Abvf[gΏۃT[o̓dAfBXvCʂPOST(Power On Self-Test)̎se\
       ܂B΂炭ƁAʉɎ̃bZ[W\܂̂ŁAbZ[Wɏ]<F9>L[
       AVXe[eBeBNĂB

                      [F9] System Utilities

   (2) VXe[eBeBNAwVXexIAɁwt@[EFAx
       IĂB

   (3) ʂɊet@[EFÃo[W\܂B
       wTrusted Platform Module(TPM)xAo[WmFĂB

   (4) o[WmF<ESC>L[A܂́AwIxIAVXe[eBeBIĂB

   jVXe[eBeB̎gp@̏ڍׂ́AeiXKCh́w֗ȋ@\xAwVXe[eB
       eBxQƂB

  * [gmFꍇ *
   < iLO Web C^[tF[X̊mF@ >

   (1) [gɂāAiLO Web C^[tF[XɃOCB

   (2) j[́wt@[EFA & OS\tgEFAxIAwt@[EFAxI܂B

   (3) ʂɊet@[EFÃo[W\܂BwTPM FirmwarexA
@@@ o[WmFĂB


4.CXg[@

 4-1.{\tgEFȀ

     (1) Administrators ̂Ȃ[UŃOCĂꍇɂ́AY̌̂郆[UŃOC
         ĂB

     (2) s̃AvP[VׂďI܂B

     (3) {\tgEFAAbvf[gΏۃT[o̔Cӂ̃tH_Ƀ_E[hAzipt@Cׂ
         WJ܂B
          WJꂽf[^̃tH_\͕ύXȂ悤ɂĂB

     (4) KAAbvf[g@\T|[go[W̃VXeROMKpĂ邱ƂmFĂB


 4-2.TPMt@[EFÃAbvf[g菇 

     (1) \Windows tH_zɊ܂܂ Windows(R)p TPMt@[EFAAbvf[gvO_u
         NbNACXg[N܂B

     (2) \郁bZ[Wɏ]āATPMt@[EFAAbvf[gCXg[܂B

     (3) TPMt@[EFAAbvf[g̃CXg[ɐƁAċNv郁bZ[W\
         ̂ŁAu͂(Y)vNbNƁAċNs܂B
          ċNJnȂꍇ́A蓮ōċNsĂB
          ̎_ł́ATPMt@[EFÃAbvf[g͊Ă܂BċNATPMt@[EFA
            ̃Abvf[g܂̂ŁAKAVXe̍ċNs悤ɂĂB

     (4) fBXvCʂ POST(Power On Self-Test) ̎se\܂B΂炭ƁATPMt@[
         EFÃAbvf[gs܂BAbvf[gɂ́A5xԂ܂
         ŁAAbvf[g܂ŁÂ܂܂΂炭҂B
         Abvf[gƁAVXe̎ċNs܂B

     (5) 1 ̂ꂩ̕@ŁAo[WLƂȂĂ邱ƂmF܂B

             Trusted Platform Module (TPM) t@[EFA          : 73.20

      ȏŁATPMt@[EFÃAbvf[g͊łB


---------------------------------------------------------------------------------------------------------
yŗz

2020/08/21  TPMt@[EFAo[W: 73.20
 EȉTPMfoCX̐Ǝ㐫ɑΉB
   - CVE-2019-16863 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16863)
   ̃ZLeBƎ㐫́ANECT[oŗL̂̂ł͂܂B

2017/08/23 TPMt@[EFAo[W: 73.0
 EŁB

---------------------------------------------------------------------------------------------------------
yWђ쌠z

MicrosoftAWindowsAWindows ServerÁAčMicrosoft Corporation ̕čyт̑̍ɂo^W
͏WłB
Linux́ALinus Torvalds̓{т̑̍ɂ鏤W܂͓o^WłB
Red HatARed Hat Enterprise Linux ́Ač Red Hat, Inc.̕čт̑̍ɂ鏤W܂͓o^W
łB 
̑ALڂĂЖAíAeЂ̓o^W܂͏WłB

{\tgEFA̒쌠͓{dCЁA͊JłO҂ɋA܂B
̑Aei͊eЂ̒앨łB

---------------------------------------------------------------------------------------------------------
   Copyright NEC Corporation 2020

