Microsoft makes TPM issue worse: TPM 1.2 is actually NOT acceptable

[gjsman]

Summary

In an updated Microsoft document that previously listed hard floors and soft floors, Microsoft has clarified that TPM 1.2 is actually not acceptable in the soft floor and that everyone must, in fact, have TPM 2.0. So if you thought the requirement to have a TPM was bad before, the 1.2 version is actually not supported and Microsoft saying it was, according to them, was incorrect. (Bolded area by myself)

 

Quotes

Quote

There are new minimum hardware requirements for Windows 11. In order to run Windows 11, devices must meet the hardware specifications. Devices that do not meet the hardware requirements cannot be upgraded to Windows 11.

• Processor: 1 gigahertz (GHz) or faster with 2 or more cores on a compatible 64-bit processor or System on a Chip (SoC)
• RAM: 4 gigabyte (GB)
• Storage: 64 GB or larger storage device
• System firmware: Trusted Platform Module (TPM) version 2.0
• Graphics card: Compatible with DirectX 12 or later with WDDM 2.0 driver

Note:

This article has been updated to correct the guidance around the TPM requirements for Windows 11. For more information, see the Windows 11 Specifications. To check the compatibility of your device with Windows 11, get the PC Health Tool from Upgrade to the New Windows 11 OS.

 

My thoughts

You thought the news that you must have a TPM was disruptive enough. Surprise - Microsoft was wrong in saying TPM 1.2 would be OK. You must have TPM 2.0 specifically. Fantastic.

 

Sources

https://mspoweruser.com/microsoft-does-away-with-soft-floor-updates-minimum-windows-11-specs-with-tpm-2-0-requirement/

 

https://docs.microsoft.com/en-us/windows/compatibility/windows-11/

[da na]

Ah, planned obsolescence.

[gjsman]

You have to admire how badly Microsoft is fumbling the Windows 11 announcement. Nobody can get a straight answer on what works and what doesn't. 

[WhitetailAni]

"LARRY?!?!"
"What? I thought TPM 1.2 and TPM 2.0 were the same thing except one was newer than the other one!"

[Murasaki]

Microsoft in a nutshell:

 

[demonix00]

Welcome to windows eWaste where it only runs on hardware that is considered really recent.

[GuiltySpark_]

1 minute ago, gjsman said:

You have to admire how badly Microsoft is fumbling the Windows 11 announcement. 

Changing their story, absolutely. 

 

TPM requirements though.. I mean TPM has been a thing on hardware ~15 years IF your manufacturer decided to implement it. 

 

IMO the anger should be directed at hardware manufacturers who didn't see these security concerns coming and implement a TPM solution. 

 

[DrMacintosh]

Why the hell is this announcement so convoluted? The PC Health Check tool will tell you you can't run Windows 11 without telling you why. In order to enable TPM users have had to dig around in their BIOS to see if their CPU can do the TPM functionality or see if their motherboards have a TPM module/header. If their CPUs don't have that ability ppl now have to buy scalped TPM modules or buy new computers just to run Windows 11. 

 

Microsoft claimed that the majority of computers will be able to run Windows 11, but with the ever changing TPM requirements.....not looking like that's going to be true. 

 

  

[Blademaster91]

It seems like Microsoft is forcing TPM 2.0 in order to get people to replace their PCs, Intel 7th gen and Ryzen 1000 series are still powerful CPUs.

Hopefully the workaround for secureboot and TPM works in the release version, but its still going to be a complete nightmare for anyone in IT managing hardware that isn't recent.

[gjsman]

1 minute ago, rickeo said:

TPM requirements though.. I mean TPM has been a thing on hardware ~15 years IF your manufacturer decided to implement it. 

 

IMO the anger should be directed at hardware manufacturers who didn't see these security concerns coming and implement a TPM solution. 

Incorrect. Microsoft only began requiring TPM in mid-2016. The spec, before any hardware was finished, was created in 2009. Blame Microsoft for not requiring it earlier. Also blame Microsoft for not requiring motherboard manufacturers to name it consistently or enable it by default up unto this day. 

[GuiltySpark_]

Just now, gjsman said:

Incorrect. Microsoft only began requiring TPM in mid-2016. The spec, before any hardware was finished, was created in 2009. Blame Microsoft for not requiring it earlier. 

I'm not sure where you're getting your information but Apple, as one example, was shipping TPM functionality on their first Intel Mac's in 2006. 

 

Regardless, should TPM been a requirement earlier, we'd be having this same conversation back then. It has to happen at some point, its going to upset people regardless.

[Boomwebsearch]

14 minutes ago, rickeo said:

TPM requirements though.. I mean TPM has been a thing on hardware ~15 years IF your manufacturer decided to implement it. 

 

IMO the anger should be directed at hardware manufacturers who didn't see these security concerns coming and implement a TPM solution. 

 

Virtual TPM could be run at the software level without the need for a hardware-based TPM chip, I am thinking that it wasn't seen as a necessity by hardware manufacturers in the past. I think that a lot of systems are going to stick with running Windows 10 because of the new requirements going into Windows 11. 

 

17 minutes ago, demonix00 said:

Welcome to windows eWaste where it only runs on hardware that is considered really recent.

Yeah, this could be a more significant problem because so many users that really want Windows 11 are going to have to throw away their existing computers.

[flibberdipper]

Guess I'll just hope Leeeeenux will work with the two capture cards I want for my current system + a P400 for H.264 encoding. Once the ol' OptiPlex is done being the daily it was going to get turned into a dedicated capture bitch, but I sure as fuck don't plan on running Windows 10 until support for it dies now.

[gjsman]

18 minutes ago, rickeo said:

I'm not sure where you're getting your information but Apple, as one example, was shipping TPM functionality on their first Intel Mac's in 2006. 

 

I was incorrect as for when TPM came out, but it is true that Microsoft only began requiring it in mid-2016. Also, you are incorrect apparently and Apple has not shipped Macs with TPMs since 2006, and the Macs that had TPMs didn't have drivers to actually use them but I could be incorrect on that.

 

All around though this stinks on Microsoft's part. They could have required TPMs a decade earlier. They could have required motherboard manufacturers to call it the same name instead of seemingly having a different name in the UEFI Settings for each manufacturer with some calling it TPM, fTPM, PTT, or something else, and don't get it confused with CSM. They could have required manufacturers to have it enabled by default, which they still don't require right now. 

 

I don't blame the manufacturers as much as I blame Microsoft for not laying any groundwork for us system builders to be ready. They could have looked in 2016, figured TPM 2.0 would be important in the future, and told motherboard makers to have it enabled out of the box because we might use it in the future and because we're requiring it everywhere else.

[JustAnotherOverClocker]

so does this change the CPU requirements as well?

[gjsman]

Just now, JustAnotherOverClocker said:

so does this change the CPU requirements as well?

Doesn't appear so. They still have the separate page with every SKU of supported CPUs AFAIK.

[JustAnotherOverClocker]

Just now, gjsman said:

Doesn't appear so. They still have the separate page with every SKU of supported CPUs AFAIK.

This is so frustrating, there was another post indicating that the soft floor allowed cpus such as the i7-6700k and i7-7700k. But now that's questionable. This is an absolutely unacceptable clusterfuck from a large company.

[Radium_Angel]

22 minutes ago, JustAnotherOverClocker said:

This is so frustrating, there was another post indicating that the soft floor allowed cpus such as the i7-6700k and i7-7700k. But now that's questionable. This is an absolutely unacceptable clusterfuck from a large company.

Take this for what it's worth, but the leaked dev version ran (in a VM) perfectly fine on my system, an twin Xeon Ivybridge Xeon e5-2643v2 workstation

[Radium_Angel]

32 minutes ago, flibberdipper said:

Guess I'll just hope Leeeeenux will work with the two capture cards I want for my current system

If the devs on *nix are smart, they are watching this Charlie Foxtrot unfold with great interest, and will pick up the ball since MS doesn't seem interested in supporting "older" hardware.

[Tieox]

They can fuck right off so far beyond our universe science has yet to come up with a term for just how far they can fuck right off. 

 

TPM in Home should be optional!

[Tieox]

I hope repackers get hold of the .iso images when 11 launches and create custom installers which bypass the bullshit of Microshaft. 

[BlueChinchillaEatingDorito]

15 minutes ago, Tieox said:

They can fuck right off so far beyond our universe science has yet to come up with a term for just how far they can fuck right off. 

 

TPM in Home should be optional!

They need to be a bit more transparent on it's benefits. If this means BitLocker encryption enabled by default on all machines, then I'm all in for it. 

[gjsman]

1 minute ago, BlueChinchillaEatingDorito said:

They need to be a bit more transparent on it's benefits. If this means BitLocker encryption enabled by default on all machines, then I'm all in for it. 

I wish. But it appears BitLocker will remain a Pro-only feature. Microsoft Devs said the TPM requirement enables "future scenarios" apparently.

[Tieox]

1 minute ago, BlueChinchillaEatingDorito said:

They need to be a bit more transparent on it's benefits. If this means BitLocker encryption enabled by default on all machines, then I'm all in for it. 

Make it an option, make it one you have to read and agree to the risks you take not having a TPM 2.0 module installed, but gatekeeping the OS because of it is stupid.  

 

Repackers will make .iso images available that has this bypassed and many peeps will use it to fix ma/pa computers once Win10 is done in '25.

[gjsman]

Just now, Tieox said:

Repackers will make .iso images available that has this bypassed and many peeps will use it to fix ma/pa computers once Win10 is done in '25.

And we'll once again have a proliferation of malware-infested ISOs. Fantastic.