Microsoft Backpedals, Explains Windows 11 TPM Requirement

Windows 11 has caused a lot of confusion over the past few days with its TPM 2.0 requirement. This hardware encryption module isn’t present on every device, causing a lot of machines to fail Microsoft’s Windows 11 PC Health Check tool, which checks for compatibility. Now that the first Windows 11 preview build is available through the Insider Program, Microsoft has offered an explanation, and even hinted that it may be reconsidering the requirement.

Through a blog post announcing the first Insider build for Windows 11, Microsoft acknowledged the confusion with the PC Health Check app and minimum system requirements. In response, Microsoft is temporarily suspending the PC Health Check app until its “teams can address the feedback.” However, the TPM requirement remains on the minimum system specs page.

According to the post, Microsoft has seen up to a 60% reduction in malware when TPM-enabled features like Windows Hello and BitLocker encryption are used on supported devices. It also said that devices using the new Windows driver model can achieve a 99.8% crash-free experience.

However, Microsoft is now fully acknowledging the TPM requirement issue instead of sidestepping it. Over the weekend, Microsoft updated the PC Health Check app to provide more details, and it removed the “hard floor” and “soft floor” TPM requirements from the minimum system specs.

The initial confusion came almost immediately after the Windows 11 announcement, as PC builders found out that their high-end PCs may not be able to run Windows 11. The compatibility issues came down to TPM, or the Trusted Platform Module, which is a chip that handles hardware-level encryption in Windows.

Microsoft said the decision to remove the PC Health Check app and clarify the system requirements came from a focus on “increasing security, improving reliability, and ensuring compatibility” on Windows 11. The company is making exceptions to the TPM requirement for approved manufacturers, though we’re not still not sure how it will handle TPM when the Windows 11 launches later this year.

Microsoft also further clarified the minimum CPU requirements for Windows 11, hinting that the need for newer processors is still being considered. As of now, anything older than 8th-gen Intel and AMD Ryzen 2000 aren’t supported. However, Microsoft says it will continue testing devices using these processors through Windows Insider builds, and says it wants Windows Insiders to be able to install Windows 11 on 7th-gen processors “to give us more data about performance and security.” Clearly, these requirements are still in flux, and we’ll have to see what Microsoft ends up deciding.

Editors’ Choice

Repost: Original Source and Author Link

Tech News

Windows 11 TPM 2.0 requirement has a special exception

Interest in Microsoft’s next big Windows release immediately turned into confusion over the hardware requirements to run Windows 11. One of the most controversial parts of that requirement is TPM or the Trusted Platform Module cryptographic hardware. Where it was previously considered a “soft floor” requirement, Microsoft has just raised TPM 2.0 as Windows 11’s hard requirement. It turns out that it might not be that hard at all since Microsoft is willing to waive it for certain special cases and markets.

TPM isn’t exactly new and many modern computers do have such a cryptoprocessor already pre-installed. It is, of course, a Microsoft technology, but most vendors do in order to meet Redmond’s minimum requirements for certifying certain systems as secure, especially for enterprise use. The problem, however, is that not all Windows PCs today have the latest TPM 2.0 hardware and some that do have those chips disabled.

Microsoft is making a big fuss over TPM 2.0, mostly in response to criticism for such a hard requirement that immediately makes some Windows 10 PCs ineligible to receive Windows 11. Of course, it using security as the reason behind that decision and argues that there are already plenty of pre-built PCs with TPM 2.0 included. It doesn’t, however, say anything about those who build their own PCs.

It turns out, however, that Microsoft is willing to disregard those security principles in some cases. Tom’s Hardware discovered a small clause in the 16-page Windows 11 Minimum Hardware Requirements that says some custom images don’t require TPM to be enabled. The site theorizes that this will be the case for custom Windows versions shipped in China and Russia, which either don’t use TPM or even disallow it.

To be clear, the clause only covers whether TPM is enabled or disabled but may still require the cryptoprocessor hardware to be present even if unused. Still, this revelation could further ignite complaints about Microsoft’s hard requirements and push certain agents to create unofficial versions of Windows 11 that don’t require TPM at all.

Repost: Original Source and Author Link