Chromebooks are getting some update love it seems, as they’ve just been updated with a security release, that has some side effects. Security researchers have found that there’s a bug in a certain firmware that needed to be addressed and that’s how the update came to be.
The bug was found in the Infineon TPM firmware and it allows hackers to brute force a Chromebook and obtain encrypted data from it. The vulnerability is rather limited and the researchers estimate it would take around 140 CPU years to break a single key.
The problem is that this bug potentially affects all Chromebooks using the latest Infineon TPM chip and there’s a lot of them. Models from Samsung, HP, Acer, Lenovo and Toshiba are all on the list, which you can find in the source link below.
If you own one of these models, you can check what TPM firmware you have by accessing “chrome://system” and searching for “TPM”. Now here comes the catch: if you update your TPM module’s firmware you will also wipe the memory of your computer. Google has made the update optional, but if you do update, make sure to back up everything.
Powerwash can also be selected from System settings. The good thing is that it only takes a minute. The bad? You lose everything…