13. Protection of PhysicalPresence Variable

Description:

The PhysicalPresence variable was used to store commands to the TPM, and commands that should require physical presence could be written to it by software.

Recommendation:

This is addressed in EDK2 SVN https://sourceforge.net/p/edk2/code/14619.

Acknowledgments:

Reported by the Advanced Threat Research Team at Intel Security.