Security issue for Trusted Platform Module (TPM) on Surface devices

Applies to: Surface Pro 3Surface Laptop (1st Gen)Surface Book


This article discusses the effect of the following security issue on Microsoft Surface devices:

Vulnerability in TPM could allow Security Feature Bypass

Microsoft has released firmware updates for the following products:

Note Surface Hub was previously listed as an affected device. Additional investigation has determined that, in all known cases, Surface Hub isn't affected by this vulnerability. Therefore, Microsoft won't be releasing a firmware update for this device.

More information

Microsoft cares deeply about making sure that your devices are reliable and secure. We’ve spent additional time in creating these updates to minimize interruptions and downtime for users and organizations.

The following devices aren't affected by this vulnerability

  • Surface 3
  • Surface Laptop
  • Surface Pro Model 1796
  • Surface Pro with LTE Advanced Model 1807
  • Surface Book 2
  • Surface Hub


For more information, see the following websites:

Note The third-party websites that this article discusses are hosted by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about these websites.