Search the Community

Over three years ago, when Microsoft announced Windows 11, the operating system generated a lot of buzz. Not only because of its unconventional look but also because of its steep hardware requirements, which rendered a lot of still-capable systems unable to run Windows 11 officially. One of those requirements is TPM 2.0, and Microsoft is once again reminding everyone why that chip is so important. For reference, TPM 2.0 could be a dedicated hardware chip (a lot of users bought them after the initial Windows 11 announcement) or firmware that is built into your PC's motherboard (the most popular option among regular consumer-grade hardware). TPM stands for Trusted Platform Module, and it is responsible for storing encryption keys, passwords, certificates, and other sensitive data. Unlike TPM 1.2, version 2.0 works with additional features like Secure Boot (another Windows 11 requirement) and Windows Hello. However, Microsoft admits that implementing it requires "a change for your organization." In other words, buying new hardware: As for the real benefits of using TPM 2.0, Microsoft cites better cryptography standards, separation of cryptography processes and storage from the main processor, and better integration with Windows 11's additional security features, such as Credential Guard and Windows Hello for Business. TPM 2.0 is also used for BitLocker's encryption keys (with Windows 11 version 24H2, BitLocker is on by default for all users), Secure Boot, which ensures the OS you try to boot has not been tampered with, and multifactor authentication. Microsoft says that TPM 2.0 is an essential tool in combating present-day security risks and ensuring your data is safe in the future. The company even calls its Trusted Platform Module 2.0 a "non-negotiable standard" for the future of Windows, so do not expect Microsoft to lower Windows 11's hardware requirements just to help more users upgrade their systems from Windows 10 to 11 (those can purchase 12 more months of security updates for $30). You can read more about the importance of TPM 2.0 in the modern world in a post on Microsoft's official Tech Community website. Source Hope you enjoyed this news post. Thank you for appreciating my time and effort posting news every day for many years. 2023: Over 5,800 news posts | 2024 (till end of November): 5,298 news posts RIP Matrix | Farewell my friend

How to bypass the Windows 11 TPM 2.0 requirement Microsoft now requires a computer to have a TPM 2.0 module to install Windows 11. However, new Registry entries have been discovered that allow you to bypass the TPM requirement and minimum memory and secure boot requirements. With Windows 11, Microsoft added new minimum system requirements that all devices need to have a TPM 2.0 security processor to power some of the operating system's security features. "The following Windows features require TPM 2.0: Measured Boot, Device Encryption, WD System Guard, Device Health Attestation, Windows Hello/Hello for Business, TPM Platform Crypto Provider Key Storage, SecureBIO, DRTM, vTPM in Hyper-V," Microsoft told BleepingComputer. For most people running CPUs created in the past 5-6 years, a firmware-based TPM (fTPM) is built into the CPU and can be enabled in the BIOS. To enable the fTPM, simply boot your computer into the BIOS and enable the Intel Platform Trust Technology (Intel PTT) or the AMD Platform Security Processor, depending on your CPU. For those who do not have this feature, you may be able to install a discrete TPM 2.0 processor on the motherboard. However, if your processor is old enough that it does not have one built-in fTPM, your motherboard's module will likely be TPM 1.2, which is not compatible with Windows 11. This requirement is frustrating for users running Windows 10 on older equipment, as now they are being forced to purchase new hardware to install Windows 11. Furthermore, as Microsoft has stated in documentation that OEMs can get permission to disable the TPM requirement in Windows 11 for their devices, the question becomes: Do you really need a TPM 2.0 processor to use Windows 11? How to bypass the TPM requirement in Windows 11 If you are attempting to install Windows 11 and receive a message stating, "This PC can't run Windows 11," it is likely that you do not have a TPM 2.0 installed or enabled. The good news is that Microsoft includes a new 'LabConfig' registry key that allows you to configure settings to bypass the TPM 2.0, the 4GB memory, and Secure Boot requirements. Based on the name of this registry key, it is likely used by Microsoft or OEMs to set up a "lab" environment to test the Windows 11 on older equipment or when testing new features. To bypass the TPM 2.0 requirements when installing Windows 11, please follow these steps: Install Windows 11 via an ISO or the Windows 11 Insider Program. While installing Windows 11, if your computer does not meet the hardware requirements, you will see a message stating, "This PC can't run Windows 11." Windows 11 setup blocked due to missing hardware requirements When you see the above message, press Shift+F10 on your keyboard at the same time to launch a command prompt. At this command prompt, type regedit and press enter to launch the Windows Registry Editor. Opening command prompt in Windows Setup When the Registry Editor opens, navigate to HKEY_LOCAL_MACHINE\SYSTEM\Setup, right-click on the Setup key and select New > Key. When prompted to name the key, enter LabConfig and press enter. Now right-click on the LabConfig key and select New > DWORD (32-bit) value and create a value named BypassTPMCheck, and set its data to 1. Now create the BypassRAMCheck and BypassSecureBootCheck values and set their data to 1 as well, so it looks like the following image. Configuring the Registry to bypass hardware requirements Once you configure those three values under the LabConfig key, close the Registry Editor, and then type exit in the Command Prompt followed by enter to close the window. You will now be back at the message stating that the PC can't run Windows 11. Click on the back button in the Windows Setup dialog, as shown below. Press the back button in Windows setup You will now be back at the screen prompting you to select the version of Windows 11 you wish to install. You can now continue with the setup, and the hardware requirements will be bypassed, allowing you to install Windows 11. Hardware requirements are now bypassed It is important to note that disabling these features could affect the performance or stability of Windows 11, so be sure to only use them on a virtual machine or test box that are you are ok with working in an unsupported environment. Furthermore, by disabling the TPM 2.0 requirement, you are effectively reducing the security in Windows 11. Finally, running Windows 11 on anything less than 4GB will not be an optimal experience and is not recommended. H/T Albacore How to bypass the Windows 11 TPM 2.0 requirement

At their special event, Microsoft announced the all new Windows 11. The new operating system comes with a visual overhaul, multi-tasking improvements and more. Microsoft is expected to roll out Windows 11 to users later this year but not every device will be able to run Windows 11. If you are planning to try out Windows 11 then you can check out the minimum specs below: 1Ghz 64-bit dual-core processor 4GB RAM 64GB storage 9-inch display (1366x768 resolution) UEFI, Secure Boot & TPM 2.0 compatible DirectX 12 compatible graphics / WDDM 2.x The biggest change with Windows 11 is the 64-bit only operating system. Microsoft does not plan to release a 32-bit version of Windows 11, but the OS will continue to support 32-bit software. Apart from that, Microsoft will now need a 9-inch display as well as 64GB storage to run. These changes should make the Windows 11 experience better on all devices but will also increase the specification requirements for budget devices. If you are worried about Windows 11 requirements, then you can download the Windows PC Health Check (via WalkingCat) app to see if your PC meets the requirements. Source: Here are the official minimum system requirements for Windows 11 (via Neowin)

Microsoft's much-awaited Windows 11 is generally available starting today (check out our review here) and there has been a lot of buzz around the integrated security features and the rather strict system requirements criteria it brings with it. The latest commotion has been around the Virtualization-based Security (VBS) feature and how it can adversely affect gaming performance even on CPUs officially supported by the OS. Apparently, VBS is set to on by default in clean Windows 11 installs. In an interview with the Computer Reseller News (CRN), David Weston, Partner Director of Enterprise and OS Security at Microsoft, has clarified why this is so: What we learned from [Windows] 10 is, if you make things optional, people don’t turn them on. They assume that if it was necessary, it would be on. And so I think that’s a big learning. What we put into 11 is [that] we are going to secure you by default. He also explained why there is a need for such a feature in the first place: Even if someone gets admin-level privileges—the highest level of privilege—they still can’t read what’s in this separate VM. It’s the exact same premise as how the cloud works today—you can be on a hardware machine with your bitterest rival, and you cannot read coded data across. We use that exact same technology shrunk down [for Windows 11]. Other than sharing his thoughts on VBS, Weston also talked about the TPM 2.0 requirement in Windows 11 and how all of this together will help Microsoft realize its vision for the future of the OS and Windows PCs: A lot of this initial release of Windows 11 is not the end goal—it’s the first click stop on our journey. We’re saying, ‘we can now guarantee you have a TPM. That means I can go and make sure every app developer is now storing credentials and keys in hardware. [...] More applications can support passwordless by default. More applications can do data encryption. More applications can have zero trust protections, because we’ve got that virtualization-based capability to report on their integrity. What you’ll see in the following versions of Windows 11 is us exploiting that to a much better extent to increase security. So I think this is just the stage setting. This is act one. Act two and three, I think, are going to really bring some massive increases in security. In fact, back when it had announced its Windows 11 system requirements, the Redmont giant claimed that the added security measures led to reduced malware infestation by 60%. Source: CRN Microsoft explains why TPM 2.0 and VBS on Windows 11 are so key for next-gen security