DSA-2020-021: Dell Client Platform Security Update Advisory for STMicroelectronics' Trusted Platform Module (TPM)
Summary: Dell Client Consumer and Commercial Platforms require a security update to address STMicroelectronics' TPM vulnerabilities.
Impact
Medium
Details
Updates are available to address the following security vulnerabilities.
- CVE-2019-16863
We encourage customers to review STMicroelectronics’ advisory for further information:
Information on ST's TPM firmware update – ECDSA signature generation
For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm. To search for a particular CVE, use the database’s search utility at http://web.nvd.nist.gov/view/vuln/search.
Updates are available to address the following security vulnerabilities.
- CVE-2019-16863
We encourage customers to review STMicroelectronics’ advisory for further information:
Information on ST's TPM firmware update – ECDSA signature generation
For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm. To search for a particular CVE, use the database’s search utility at http://web.nvd.nist.gov/view/vuln/search.
Produse afectate și măsuri de remediere
Affected products:
Dell Client Consumer and Commercial Platforms (see Resolution section below for complete list of affected products).
Remediation:
The following TPM firmware version contains a resolution to this vulnerability:
- Dell TPM 2.0 Firmware versions 74.64 and newer
Download and install the latest firmware version from:https://www.dell.com/support/home/en-us?app=drivers
Dell recommends all customers update at the earliest opportunity.
Dell Client Consumer and Commercial Products Affected:
|
Product |
Release Date (MM/DD/YYYY) |
|---|---|
|
Latitude 3400 |
1/7/2020 |
|
Latitude 3500 |
1/7/2020 |
|
Latitude 7400 2-in-1 |
1/7/2020 |
|
Latitude 5401 |
1/7/2020 |
|
Latitude 5501 |
1/7/2020 |
|
Precision 3540 |
1/7/2020 |
|
Latitude 7300 |
1/7/2020 |
|
Latitude 7400 |
1/7/2020 |
|
Latitude 5300 |
1/7/2020 |
|
Latitude 5400 |
1/7/2020 |
|
Latitude 5500 |
1/7/2020 |
|
Precision 3541 |
1/7/2020 |
|
Latitude 5300 2-IN-1 |
1/7/2020 |
|
Latitude 7200 2 in 1 |
1/7/2020 |
|
XPS 7390 2-in-1 |
1/7/2020 |
Affected products:
Dell Client Consumer and Commercial Platforms (see Resolution section below for complete list of affected products).
Remediation:
The following TPM firmware version contains a resolution to this vulnerability:
- Dell TPM 2.0 Firmware versions 74.64 and newer
Download and install the latest firmware version from:https://www.dell.com/support/home/en-us?app=drivers
Dell recommends all customers update at the earliest opportunity.
Dell Client Consumer and Commercial Products Affected:
|
Product |
Release Date (MM/DD/YYYY) |
|---|---|
|
Latitude 3400 |
1/7/2020 |
|
Latitude 3500 |
1/7/2020 |
|
Latitude 7400 2-in-1 |
1/7/2020 |
|
Latitude 5401 |
1/7/2020 |
|
Latitude 5501 |
1/7/2020 |
|
Precision 3540 |
1/7/2020 |
|
Latitude 7300 |
1/7/2020 |
|
Latitude 7400 |
1/7/2020 |
|
Latitude 5300 |
1/7/2020 |
|
Latitude 5400 |
1/7/2020 |
|
Latitude 5500 |
1/7/2020 |
|
Precision 3541 |
1/7/2020 |
|
Latitude 5300 2-IN-1 |
1/7/2020 |
|
Latitude 7200 2 in 1 |
1/7/2020 |
|
XPS 7390 2-in-1 |
1/7/2020 |