Information on ST's TPM firmware update – ECDSA signature generation

Trusted Platform Module (TPM) Firmware updates, including additional countermeasures in the implementation of the Elliptic Digital Signature Algorithm (ECDSA) signature generation function, are available for ST’s devices based on Trusted Computing Group specifications 2.0. TPM devices based on TCG specifications 1.2 do not support this cryptographic function.

The deployment of a TPM firmware update is not required if:

  • the ecosystem does not depend on this cryptographic service or
  • the platform already provides countermeasures

Please follow this link for more information on the impact on Microsoft Windows operating systems devices.

 

For end-users of computing devices with an ST TPM

TPM firmware updates will be rolled out to end users by device manufacturers (PC manufacturers).
Please follow the links below or check your manufacturer's website if it is not listed below:
  • Lenovo support : click here
  • HPE support : click here

For other operating systems or embedded devices, please contact your device manufacturer.

The TPM-affected products' firmware and applicable firmware updates are listed below: 

Products

FW versions affected

Fixed FW version recommended

ST33TPHF2ESPI

71.0, 71.4, 71.12

71.16

ST33TPHF2ESPI

73.0, 73.4

73.20

ST33TPHF2ESPI

73.8

73.64

ST33TPHF2EI2C

73.5

73.21

ST33TPHF2EI2C

73.9

73.65

ST33TPHF20SPI

74.0, 74.4

74.20

ST33TPHF20SPI

74.8, 74.16

74.64

ST33TPHF20I2C

74.5

74.21

ST33TPHF20I2C

74.9

74.65

The TPM products and firmware not listed are not affected.

CVE Identifier: CVE-2019-16863

 

Further information

Support & Feedback