Tech Alerts and Updates

The Laptop Company awarded 2018 HP Direct Partner of the Year for New Zealand

28/11/2018

We're very pleased to announce that The Laptop Company has just been named 2018 HP Direct Partner of the Year!

This is a very big deal for us. We work hard to ensure the satisfaction of all of our customers, so having the endorsement of New Zealand's largest computer brand for the second year in a row is an important milestone for us.

For our customers, this allows us to continue to innovate and advocate to make owning, deploying and introducing new devices more efficient, less stressful and more effective for your users.

If you'd like to find out more about what we're doing for other customers, contact us.

The Laptop Company recognised at the Microsoft New Zealand Partner Awards 2018

4/7/2018

Wellington, New Zealand – July 4, 2018 – Microsoft New Zealand has celebrated its outstanding local business partners at the 11th annual Microsoft Partner Awards. The Laptop Company was a winner in the Surface Partner Award category.

The Laptop Company have been working with Microsoft to help change the way businesses and government think about technology in the modern workplace. With their solutions team, they’ve worked with organisations across New Zealand to help enhance their users’ satisfaction and productivity while reducing the risk and cost of introducing new software and hardware platforms.

The Microsoft New Zealand Partner Awards recognise innovative partners who are demonstrating inventive use of digital technology, with the awards open to all Microsoft partners big and small. The streamlined ceremony saw the awards pivot to a greater focus on customers.

Phil Goldie, Microsoft New Zealand One Commercial Partner Director says, “We congratulate The Laptop Company for winning in the Surface Partner Award category. This year the judges were incredibly impressed by the high calibre of entries. It was a genuine challenge to pick the winners in so many closely contested categories. The Laptop Company is a Microsoft Partner that is delivering solutions and innovations that are optimising businesses as well as improving people’s lives.”

“Our partners play a crucial role in New Zealand’s IT sector. Whether they are creating new solutions to meet customer demands or providing insightful IT advice, every day they are realising Microsoft’s mission by empowering New Zealand businesses to be trail blazers,” says Goldie.

The Partner Awards took place at Shed 10 last week, with over 400 in attendance across a range of sectors.

About The Laptop Company
The Laptop Company is a leading provider of computer hardware and fleet management solutions, as well as being a Microsoft Gold Partner. Working with corporate, government and education providers, The Laptop Company is a trusted partner for many of New Zealand’s most successful workforces.

About Microsoft
Microsoft (Nasdaq “MSFT” @microsoft) enables digital transformation for the era of an intelligent cloud and an intelligent edge. Its mission is to empower every person and every organisation on the planet to achieve more.

For additional information:
Mark Mayo, CEO
Mark.Mayo@laptop.co.nz
04 499 2353

Product or service names mentioned herein may be the trademarks of their respective owners.

Check out the Surface range at The Laptop Company

View Range

'Meltdown' and 'Spectre' critical vulnerability

10/1/2018

A critical vulnerability has been discovered in the architecture of the modern CPU. There are three different attack methods and are leveraging the reading of privilege memory with a side channel.

The attack methods named are 'Meltdown' and 'Spectre'. While initially only thought to be an Intel vulnerability, the CPU's speculative execution methods that these attacks target are shared by Intel, AMD and Arm.

The attacks themselves do not access sensitive data on your storage, however they do potentially allow malicious code to access speculatively executed information.

Details from Intel can be found here.
Details from AMD can be found here.
Details from Arm can be found here.
Details from Microsoft can be found here.

More information on Speculative Execution can be found here.
Detailed information (from Google) about the vulnerabilities can be found here.

There are multiple parts to patching this vulnerability with operating system patches, and the OEM manufacturer updating the microcode of the processor itself:

Variant 1: Bounds check bypass
- Requires operating system updates
- Vulnerable to Spectre attack
Variant 2: Branch target injection
- Requires processor microcode updates
- Requires operating system updates
- Vulnerable to Spectre attack
Variant 3: Rogue data cache load
- Requires operating system updates
- Vulnerable to Meltdown attack

For all of our hardware customers; we will be maintaining a set of links on this page for your reference. If you require any support on this issue then please contact our support team or your account manager through your usual channels. For our ongoing SCCM support contract customers, we have already started the update management process and will liaise with you directly on performing updates as they become available.

Microsoft has released a blog post about the vulnerabilities and the impact of them. Take note that this article discusses the performance impacts of patching your system. It appears that older operating systems such as Windows 7 and 8 have a more noticeable performance hit than Windows 10.

Running Windows Update should patch the Operating System part of the vulnerability, below are the OEM links that will be maintained with firmware/BIOS updates.

OEM Links;

Synaptics touchpad drivers have the potential for key logging

12/12/2017

A possible security vulnerability has been found in some versions of Synaptics touchpad drivers. A malicious party would require full administrative privileges to a system to take advantage of the vulnerability.

The issue has been covered in the media overseas.

OEMs affected are likely to be releasing updated drivers with the vulnerability resolved.

OEM information and links:

HP (Security Bulletin HPSBHF03564)

Intel issues security alert for management firmware

24/11/2017

Intel has released a security alert for their management engine interface that is likely to affect all 6th, 7th, and 8th generation of their Core i series CPUs.

The summary of the problem that is outlined on Intel's website;
Intel® Management Engine (Intel® ME 11.0.0-11.7.0), Intel® Trusted Execution Engine (Intel® TXE 3.0), and Intel® Server Platform Services (Intel® SPS 4.0) vulnerability (Intel-SA-00086)

In response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of the following with the objective of enhancing firmware resilience:

Intel® Management Engine (Intel® ME)
Intel® Trusted Execution Engine (Intel® TXE)
Intel® Server Platform Services (SPS)

Intel has identified security vulnerabilities that could potentially impact certain PCs, servers, and IoT platforms.

Systems using Intel ME Firmware versions 11.0.0 through 11.7.0, SPS Firmware version 4.0, and TXE version 3.0 are impacted. You may find these firmware versions on certain processors from the:

6th, 7th, and 8th generation Intel® Core™ Processor Family:
Intel® Xeon® Processor E3-1200 v5 and v6 Product Family
Intel® Xeon® Processor Scalable Family
Intel® Xeon® Processor W Family
Intel Atom® C3000 Processor Family
Apollo Lake Intel Atom® Processor E3900 series
Apollo Lake Intel® Pentium® Processors
Intel® Celeron® N and J series Processors

Intel has released a downloadable tool that will help you discover whether your hardware is affected or not. Technical details are also available on their website.

Within the zip file download is a GUI tool, running the tool will result in a pass or fail on the vulnerability for the system you run it on.

OEM hardware manufacturers will be required to release firmware patches to resolve this issue.

For all of our hardware customers; we will be maintaining a set of links on this page for your reference. If you require any support on this issue then please contact our support team or your account manager through your usual channels. For our ongoing SCCM support contract customers, we have already started the update management process and will liaise with you directly on performing updates as they become available.

The most up-to-date source for manufacturer's update links is on Intel's website directly;
Intel Management Engine Critical Firmware Update (Intel SA-00086)

Update 30/11/2017:
Direct OEM links to their specific information;

Infineon TPM Vulnerability

2/11/2017

In Brief
Researchers have discovered a serious vulnerability in Infineon Trusted Platform Module (TPM) cryptographic processors used to secure encryption keys in many PCs, laptops, Chromebooks and smartcards.

In cryptographic terms, the flaw in the way the public key encryption key pair is generated makes it possible for an attacker to work out private 1024-bit and 2048-bit RSA keys stored on the TPM simply by having access to the public key. This would allow an attacker to remove encryption or alter information otherwise protected by the keys stored on the TPM.

What is TPM?
A TPM is a cryptographic chip built on to the motherboard of many (but not all) PCs and laptops as a secure place to store system passwords, certificates, encryption keys and even biometric data (e.g. for fingerprint login or Windows Hello). The principle is that storing keys inside the TPM is a lot better than keeping them on the hard drive or letting them be managed by the operating system, both of which can be compromised.

Microsoft’s BitLocker uses a TPM. They can also be used for authentication (checking a PC is the one it claims to be) and attestation (that a system’s boot image hasn’t been tampered with), for example on Google’s Chromebooks.

Remediation for Windows Devices
Step 1: Apply all Microsoft Windows Operating System Security Updates
Step 2: Determine devices in your organization that are affected using event log entries.
NOTE: After the applicable Windows update is applied, the system will generate Event ID 1794 in the Event Viewer after each reboot under Windows Logs - System when vulnerable firmware is identified. On devices running Windows 10 that have the October 2017 security update installed, in a CMD prompt, type "TPM.MSC" to open the Trusted Platform Module (TPM) Management snap-in. Devices with affected TPM modules will display the following error message: (Shown Below)

"The TPM is ready for use. The TPM firmware on this PC has a known security problem. Please contact your PC manufacturer to find out if an update is available. For more information please go to https://go.microsoft.com/fwlink/?linkid=852572."
If you determine that you do not have an Infineon® TPM capable system then no further action is required.
If your PC is affected, go to Step 3 below to locate your PC model and firmware availability.
If your firmware is not yet available, Microsoft has provided the following mitigation process that is recommended until the release of the firmware update package.
- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV170012

Step 3: Download and run the firmware update tool provided by the Hardware Vendor (Toshiba, HP, Lenovo, etc).
Step 4: Once the firmware update has been applied to vulnerable devices, additional steps may be required (e.g. devices where BitLocker is in use)

Links to firmware updates
The best source for up-to-date firmware links appears to be Infineon's website;
Information on TPM firmware update for Microsoft Windows
Direct manufacturer links from that page are;

The Laptop Company

News and announcements

News and Alerts