Event ID 10 — TPM Driver Operation

Applies To: Windows Server 2008

This version of Windows includes a device driver that allows the TPM Base Service (TBS) to communicate with and share the use of a Trusted Platform Module chip in the computer. Any failures in communication with the TPM or unexpected results cause the TPM driver or the TBS to log event messages.

Note: The BitLocker Drive Encryption feature uses the TPM by default.

Event Details

Product: Windows Operating System
ID: 10
Source: TPM
Version: 6.0
Symbolic Name: TPM_BUFFER_UNDERFLOW
Message: A buffer underflow was detected.

Resolve

Restart the computer

In order to perform operations correctly, an application that uses the Trusted Platform Module (TPM) must be able to communicate correctly with the TPM, using the application programming interfaces (APIs) or Windows Management Instrumentation (WMI) providers that, in turn, rely on the TPM Base Service (TBS), which uses the TPM driver. The ability to share the TPM between multiple components and applications requires that all such components and applications are written to use the APIs and WMI providers correctly.

Some applications may provide a method to retry the particular operation. If such an option or command is not available, or does not resolve the issue, restart the computer.

If problems continue after restarting the computer, investigate any software applications using the TPM, particularly if new applications have been installed. Details are provided in the event log entries to assist software developers in troubleshooting problems in their applications.

It is also possible that the TPM hardware may be malfunctioning. Because the TPM is a hardware device, you need to contact your hardware supplier or hardware support team to resolve this issue.

Verify

In order for the TPM driver to function correctly, the TPM must be correctly recognized by Windows.

To perform these procedures, you must have membership in Administrators, or you must have been delegated the appropriate authority.

To verify that the TPM is correctly recognized by Windows:

  1. Open Device Manager.
  2. Expand Security Devices.
  3. If the Trusted Platform Module version 1.2 is not present under Security Devices, or if Security Devices is not shown as a category, your computer might not have a TPM version 1.2, or the computer is unable to recognize the TPM.
  4. Right-click on the Trusted Platform Module 1.2, and then click Properties.
  5. In the Trusted Platform Module 1.2 Properties window, look at the device status on the General tab. The status should indicate "This device is working properly."

If the TPM is correctly recognized by Windows, then you can also verify that the TPM driver is operating correctly.

To verify that the TPM driver is operating correctly:

  1. Click Start, type tpm.msc in the Start Search box, and then press ENTER.
  2. If the User Account Control window appears, click Continue.
  3. In the TPM Management on Local Computer window, examine the Status section. The status should indicate "The TPM is on and ownership has been taken."

Note: Other application software may also make use of the TPM driver. Consult the documentation supplied with each application for steps to verify the correct operation.

TPM Driver Operation

Core Security