A security flaw has been discovered in some versions of Infineon secure elements. This affects some TPMs, and some smart cards/token manufacturers that use Infineon chips.
Although the software within Intercede’s MyID Service itself is not affected by this vulnerability, devices used with MyID may be. If you intend to use the MyID Service to issue credentials to a Microsoft Virtual Smart Card on a computer that is impacted by this vulnerability, Intercede strongly recommends that you resolve the vulnerability on the affected device (based on the vendor’s advice), before you start issuing the credentials.
If you have already issued Microsoft Virtual Smart Cards using the MyID Service, you should
Update the firmware on affected computers.
Cancel the affected credentials using the MyID Service dashboard.
At next login to Windows, affected users will be prompted to collect a new Virtual Smart Card.
Further details about this vulnerability and how to detect if you are affected by this problem are available from Microsoft.
Affected devices can generate weak RSA keys. For further details of the flaw, see the following link.