Skip to main content

Microsoft eases Windows 11 TPM requirement, but probably not for you

Microsoft stirred up a lot of confusion following the Windows 11 announcement by listing TPM 2.0 as a requirement to run the operating system. Originally, this seemed as a requirement mostly focused on manufacturers, as Microsoft has required TPM on Windows 10 for the past few years. However, digging into the detailed system requirements reveals that manufacturers have a lot of flexibility with TPM.

As discovered by Tom’s Hardware, page 16 of the Windows 11 hardware requirements says that “upon approval from Microsoft, [manufacturer] systems for special purpose commercial systems, custom order, and customer systems with a custom image are not required to ship with a TPM support enabled.”

asus tpm chip in motherboard.
A TPM is usually soldered to the motherboard, but add-on modules are available, too. Image used with permission by copyright holder

Relaxing the requirement for manufacturers makes sense. Certain countries have distinct versions of Windows with some features enabled and others disabled. China, for example, uses Windows 10 China Government Edition, which enables “the government to use its own encryption algorithms.” Lenovo is one of Microsoft’s OEM partners that delivers this special version of Windows.

It’s not clear if manufacturers can bypass the requirement beyond a special circumstance like the Windows 10 China Government Edition. It seems that regardless of the implementation, manufacturers will need to go through Microsoft to disable the TPM requirement.

TPM, or Trusted Platform Module, provides hardware encryption in Windows 11. Following the announcement, the requirement stirred controversy as PC builders found out that their high-end gaming PCs couldn’t run Windows 11.

A lot of the confusion came down to Microsoft’s PC Health Check app, which didn’t provide any details on the TPM requirement or how to enable it. Microsoft has since updated the app to provide clearer details on unsupported machines.

That didn’t stop TPM from suddenly shooting into the mainstream, though. After the announcement, prices for add-in TPM chips shot from around $25 to nearly $100 on eBay, as scalpers bought up the limited inventory available at retailers. Prices have started to wane as builders figure out how to enable firmware TPM in the BIOS, which is supported on most motherboards released after 2016.

Still, many systems don’t come with any TPM support and the ones that do may have it disabled by default. This is an obscure system requirement for much of the Windows 11 audience, so it remains to be seen how Microsoft will handle it once the OS launches.

Jacob Roach
Lead Reporter, PC Hardware
Jacob Roach is the lead reporter for PC hardware at Digital Trends. In addition to covering the latest PC components, from…
A dangerous new jailbreak for AI chatbots was just discovered
the side of a Microsoft building

Microsoft has released more details about a troubling new generative AI jailbreak technique it has discovered, called "Skeleton Key." Using this prompt injection method, malicious users can effectively bypass a chatbot's safety guardrails, the security features that keeps ChatGPT from going full Taye.

Skeleton Key is an example of a prompt injection or prompt engineering attack. It's a multi-turn strategy designed to essentially convince an AI model to ignore its ingrained safety guardrails, "[causing] the system to violate its operators’ policies, make decisions unduly influenced by a user, or execute malicious instructions," Mark Russinovich, CTO of Microsoft Azure, wrote in the announcement.

Read more