Microsoft Considers Tweaking Windows 11 TPM Requirement to Include Zen 1 and 7th Gen Core

btarunr · Jun 29, 2021

In more reason why Microsoft's requirement for hardware trusted platform modules for its upcoming Windows 11 operating system is arbitrary, the company revealed that it is willing to tweak the hardware TPM system requirements to accommodate platforms from 2017, which include the very first generation of AMD "Zen" (Ryzen 1000 series), and Intel 7th Gen Core "Kaby Lake." In a Windows Insider blog posted dated June 28, Microsoft explained in brief why Windows 11 needs TPM 2.0 hardware, and that the "PC Health Check App," the software tool Microsoft is giving users to check whether their PCs measure up to Windows 11, has been temporarily removed from the website while they work on getting its accuracy right.

"The intention of today's post is to acknowledge and clarify the confusion caused by our PC Health Check tool, share more details as to why we updated the system requirements for Windows 11 and set the path for how we will learn and adjust. Below you will find changes we are making based on that feedback, including ensuring we have the ability for Windows Insiders to install Windows 11 on 7th generation processors to give us more data about performance and security, updating our PC Health check app to provide more clarity, and committing to more technical detail on the principles behind our decisions. With Windows 11, we are focused on increasing security, improving reliability, and ensuring compatibility. This is what drives our decisions.

In the blog, Microsoft explains that a hardware TPM is required for secure credentials storage, to drive features such as device encryption, Windows Hello biometrics, virtualization-based security (VBS), and hypervisor-protected code integrity (HVCI) and Secure Boot. Most modern processors include a TPM 2.0-compliant on-die TPM, some even have features such as VBS and whole-memory encryption.

View at TechPowerUp Main Site

Rais · Jun 29, 2021

Those security option...why do I need them on a desktop PC? Or better, why i cannot upgrade my still good hardware to 11 just because of this?

GeorgeMan · Jun 29, 2021

Rais said:
Those security option...why do I need them on a desktop PC? Or better, why i cannot upgrade my still good hardware to 11 just because of this?

You can, your installation will be unsupported though.

Gmr_Chick · Jun 29, 2021

It only makes absolute sense for Windows 11 to support Intel 7th gen and Ryzen 1000 series. We're only talking 2017 here. It's not like it's Haswell or the FX series.

Camm · Jun 29, 2021

I had a think about Microsoft's security requirements, and they aren't arbitrary.

Secure Boot requires UEFI, that comes in at 5th Gen in a patchy way I'm pretty sure, and was only default by 7th gen, and wasn't available on Piledriver or Bristol.

TPM 2 was only supported from 8th Gen and Zen+ and up.

Makes sense when looked at from a 50 foot view I guess, although time to include TPM 1.2 and anything that supports Secure Boot, which should extend down to some 5th gen parts.

ZoneDymo · Jun 29, 2021

what is the exact reason why "ancient" hardware that can run Windows 10 just fine should not be able to run windows 11?
improved security? really? so my core 2 duo laptop or core 2 quad pc which run windows 10 just fine are super insecure and therefor irresponsible to use for windows 11

I mean this is just begging for hacked windows 11 vids where people show it runs just fine on older hardware....I swear sometimes its like companies work to have techyoutubers have content for their vids....

Prime2515102 · Jun 29, 2021

Camm said:
I had a think about Microsoft's security requirements, and they aren't arbitrary.

Secure Boot requires UEFI, that comes in at 5th Gen in a patchy way I'm pretty sure, and was only default by 7th gen, and wasn't available on Piledriver or Bristol.

TPM 2 was only supported from 8th Gen and Zen+ and up.

Makes sense when looked at from a 50 foot view I guess, although time to include TPM 1.2 and anything that supports Secure Boot, which should extend down to some 5th gen parts.

I'm not sure how widespread it was, and I can't remember if it supported secure boot, but my Gigabyte z68-based board (2nd gen Core series) had UEFI support.

Camm · Jun 29, 2021

Prime2515102 said:
I'm not sure how widespread it was, and I can't remember if it supported secure boot, but my Gigabyte z68-based board (2nd gen Core series) had UEFI support.

I remember Gigabyte did this big ass BIOS to UEFI update rollout (I had an Assassin2 at the time and remember being impressed by it), I think Gigabyte was one of the exceptions here.

Solaris17 · Jun 29, 2021

I hope they learn to support external 2.0 TPMs it’s my understanding they currently don’t.

As for there new security stance, I’m all
For it. It’s seriously about time someone attempted to fix the low hanging fruit in the PC industry.

AFAIC the people that are against this are literally part of the problem. One small step removed from being responsible for your last ransomware infection.

DeathtoGnomes · Jun 29, 2021

Gmr_Chick said:
It only makes absolute sense for Windows 11 to support Intel 7th gen and Ryzen 1000 series. We're only talking 2017 here. It's not like it's Haswell or the FX series.

HEY! I like my FX series

, ohh maybe I wont have to upgrade to 11!

Mussels · Jun 29, 2021

I could get this for OEM's, but why everyone else?

cyberloner · Jun 29, 2021

remove the tpm requirement ......... my fx8350 still damn strong

Hossein Almet · Jun 29, 2021

My motherboard has a TPM header and it's not a 7th gen, WTF!

birdie · Jun 29, 2021

99% of people out there don't use BitLocker full disk encryption and couldn't care less about TPM.

This whole saga is a fantastic load of crap.

GerKNG · Jun 29, 2021

i just want a proper and detailed explanation why i need a TPM to run windows 11. for what and why is it used?!

Arcdar · Jun 29, 2021

I get it for companies and OEM's .... but for general home-user-public TPM2.0 should not be a fixed requirement....

I mean, there are so many good systems that don't need an upgrade (xeon v1-v3's still have enough power for general usage..... ) that would still work absolutely fine with windows 11..... if it wouldn't be for the TPM requirement

and, that it's not on the list of supported cpus ...... which states 1Ghz minimum .... but Gen8+ .... slight oxymoron .....

Camm · Jun 29, 2021

birdie said:
99% of people out there don't use BitLocker full disk encryption and couldn't care less about TPM.

This whole saga is a fantastic load of crap.

And this is why it is now mandatory because users cant be trusted to do security.

johnp · Jun 29, 2021

I see no reason why not use TPM if it is present, and not use it if it isn't present.

Marshal_90 · Jun 29, 2021

Very interesting.

A few hours ago a Microsoft support agent told me that they're gonna change the hardware requirements!
We also talked about older platforms like AMD FX which has a TPM header and he said that you can install the OS without problem if you get a TPM Module.

We just have to wait and see what happens. it's not finished yet.

Naito · Jun 29, 2021

Aside from TPM, could it be MS doesn't want to support processors that have less hardware mitigation for the spectre and meltdown family of vulnerabilities?

Selaya · Jun 29, 2021

Camm said:
And this is why it is now mandatory because users cant be trusted to do security.

Yeah, a safe with the key glued/soldered to it, brilliant idea.

such secure
much encrypt
very safe
wowe

Raven Rampkin · Jun 29, 2021

I feel kinda entitled rn with my Zen1 but yea this whole situation smells like moar e-waste by the powaah of the e-waste gods

BSim500 · Jun 29, 2021

Camm said:
And this is why it is now mandatory because users cant be trusted to do security.

Until the average Joes start to encrypt all their data based on hardware encryption and then change hardware, at which point after searching for "what the hell does repopulate your TPM hex recovery key mean, I can't find mine anywhere and didn't back it up. Also what is a command prompt and have I really just lost all my data?" that they deeply regret using hardware based Bitlocker vs something like VeraCrypt volumes that just use normal passwords / pass-phrases, use far stronger encryption that Bitlocker's default AES-128, have far fewer "issues" when changing hardware / sharing encrypted external drives between different computers and actually work in mixed Win/Lin cross-platform environments...

Tsukiyomi91 · Jun 29, 2021

if MS wants to really save face and time, they should have just remove TPM and Secure Boot entirely from W11's requirement and let the end users decide how they want to protect or encrypt their PCs. At the end of the day, all these features that's supposed to "protect your data" is pointless when one allows remote access to bad actors (e.g refund scam call centers), gathering all your sensitive data and potentially lock you out.

Vya Domus · Jun 29, 2021

Camm said:
And this is why it is now mandatory because users cant be trusted to do security.

This has nothing to do with the user side of things though. TPM doesn't mean full system encryption or anything like that, it's just a standard used for some hardware security features inside the processor.

In other words a system may support TPM but still be completely open to any kind of attack.

System Name	RBMK-1000
Processor	AMD Ryzen 7 5700G
Motherboard	Gigabyte B550 AORUS Elite V2
Cooling	DeepCool Gammax L240 V2
Memory	2x 16GB DDR4-3200
Video Card(s)	Galax RTX 4070 Ti EX
Storage	Samsung 990 1TB
Display(s)	BenQ 1440p 60 Hz 27-inch
Case	Corsair Carbide 100R
Audio Device(s)	ASUS SupremeFX S1220A
Power Supply	Cooler Master MWE Gold 650W
Mouse	ASUS ROG Strix Impact
Keyboard	Gamdias Hermes E2
Software	Windows 11 Pro

Processor	Ryzen 7 7700X
Motherboard	ASUS ROG Crosshair X670E Extreme
Cooling	Thermalright Grand Vision 360mm AIO, 3x Be Quiet Light Wings, 1x Silent Wings 4
Memory	32GB (2x16) Kingston Fury Beast CL30 6000MT/s
Video Card(s)	MSI GeForce RTX 3070 SUPRIM X
Storage	1x Crucial P5 Plus nvme m.2 SSD, 1x Crucial T500 nvme m.2 SSD
Display(s)	Asus ROG Swift PG32UCDM (main); Asus ROG Swift PG27AQDM (secondary)
Case	Corsair 3500X (no fan variant)
Power Supply	Corsair RMx (2021) 1000W 80-Plus Gold
Mouse	Varies based on mood/task; is currently Razer Basilisk V3 Pro or Razer Cobra Pro
Keyboard	Varies based on mood; currently Razer Deathstalker V2 Pro TKL

System Name	ATHENA
Processor	AMD 7950X
Motherboard	ASUS Crosshair X670E Extreme
Cooling	ASUS ROG Ryujin III 360, 13 x Lian Li P28
Memory	2x32GB Trident Z RGB 6000Mhz CL30
Video Card(s)	ASUS 4090 STRIX
Storage	3 x Kingston Fury 4TB, 4 x Samsung 870 QVO
Display(s)	Acer X38S, Wacom Cintiq Pro 15
Case	Lian Li O11 Dynamic EVO
Audio Device(s)	Topping DX9, Fluid FPX7 Fader Pro, Beyerdynamic T1 G2, Beyerdynamic MMX300
Power Supply	Seasonic PRIME TX-1600
Mouse	Xtrfy MZ1 - Zy' Rail, Logitech MX Vertical, Logitech MX Master 3
Keyboard	Logitech G915 TKL
VR HMD	Oculus Quest 2
Software	Windows 11 + Universal Blue

System Name	Cyberline
Processor	Intel Core i7 2600k -> 12600k
Motherboard	Asus P8P67 LE Rev 3.0 -> Gigabyte Z690 Auros Elite DDR4
Cooling	Tuniq Tower 120 -> Custom Watercoolingloop
Memory	Corsair (4x2) 8gb 1600mhz -> Crucial (8x2) 16gb 3600mhz
Video Card(s)	AMD RX480 -> RX7800XT
Storage	Samsung 750 Evo 250gb SSD + WD 1tb x 2 + WD 2tb -> 2tb MVMe SSD
Display(s)	Philips 32inch LPF5605H (television) -> Dell S3220DGF
Case	antec 600 -> Thermaltake Tenor HTCP case
Audio Device(s)	Focusrite 2i4 (USB)
Power Supply	Seasonic 620watt 80+ Platinum
Mouse	Elecom EX-G
Keyboard	Rapoo V700
Software	Windows 10 Pro 64bit

System Name	Bessy 6.0
Processor	i7-7700K @ 4.8GHz
Motherboard	MSI Z270 KRAIT Gaming
Cooling	Swiftech H140-X + XSPC EX420 + Resevior
Memory	G.Skill Ripjaws V 32GB DDR-3200 CL14 (B-die)
Video Card(s)	MSI GTX 1080 Armor OC
Storage	Samsung 960 EVO 250GB x2 RAID0, 940 EVO 500GB, 2x WD Black 8TB RAID1
Display(s)	Samsung QN90a 50" (the IPS one)
Case	Lian Li something or other
Power Supply	XFX 750W Black Edition
Software	Win10 Pro

Microsoft Considers Tweaking Windows 11 TPM Requirement to Include Zen 1 and 7th Gen Core

btarunr

Editor & Senior Moderator

Rais

GeorgeMan

Gmr_Chick

Camm

ZoneDymo

Prime2515102

Camm

Solaris17

Super Dainty Moderator

DeathtoGnomes

Mussels

Freshwater Moderator

cyberloner

Hossein Almet

birdie

GerKNG

Arcdar

Camm

johnp

Marshal_90

New Member

Naito

Selaya

Raven Rampkin

BSim500

Tsukiyomi91

Vya Domus

System Name	RogueOne
Processor	Xeon W9-3495x
Motherboard	ASUS w790E Sage SE
Cooling	SilverStone XE360-4677
Memory	128gb Gskill Zeta R5 DDR5 RDIMMs
Video Card(s)	MSI SUPRIM Liquid 5090
Storage	1x 2TB WD SN850X \| 2x 8TB GAMMIX S70
Display(s)	49" Philips Evnia OLED (49M2C8900)
Case	Thermaltake Core P3 Pro Snow
Audio Device(s)	Moondrop S8's on Schitt Gunnr
Power Supply	Seasonic Prime TX-1600
Mouse	Razer Viper mini signature edition (mercury white)
Keyboard	Wooting 80 HE White, Gateron Jades
VR HMD	Quest 3
Software	Windows 11 Pro Workstation
Benchmark Scores	I dont have time for that.

System Name	Dumbass
Processor	AMD Ryzen 7800X3D
Motherboard	ASUS TUF gaming B650
Cooling	Artic Liquid Freezer 2 - 420mm
Memory	G.Skill Sniper 32gb DDR5 6000
Video Card(s)	GreenTeam 4070 ti super 16gb
Storage	Samsung EVO 500gb & 1Tb, 2tb HDD, 500gb WD Black
Display(s)	1x Nixeus NX_EDG27, 2x Dell S2440L (16:9)
Case	Phanteks Enthoo Primo w/8 140mm SP Fans
Audio Device(s)	onboard (realtek?) - SPKRS:Logitech Z623 200w 2.1
Power Supply	Corsair HX1000i
Mouse	Steeseries Esports Wireless
Keyboard	Corsair K100
Software	windows 10 H
Benchmark Scores	https://i.imgur.com/aoz3vWY.jpg?2

System Name	Rainbow Sparkles (Power efficient, <350W gaming load)
Processor	Ryzen R7 5800x3D (Undervolted, 4.45GHz all core)
Motherboard	Asus x570-F (BIOS Modded)
Cooling	Alphacool Apex UV - Alphacool Eisblock XPX Aurora + EK Quantum ARGB 3090 w/ active backplate
Memory	2x32GB DDR4 3600 Corsair Vengeance RGB @3866 C18-22-22-22-42 TRFC704 (1.4V Hynix MJR - SoC 1.15V)
Video Card(s)	Galax RTX 3090 SG 24GB: Underclocked to 1700Mhz 0.750v (375W down to 250W))
Storage	2TB WD SN850 NVME + 1TB Sasmsung 970 Pro NVME + 1TB Intel 6000P NVME USB 3.2
Display(s)	Phillips 32 32M1N5800A (4k144), LG 32" (4K60) \| Gigabyte G32QC (2k165) \| Phillips 328m6fjrmb (2K144)
Case	Fractal Design R6
Audio Device(s)	Logitech G560 \| Corsair Void pro RGB \|Blue Yeti mic
Power Supply	Fractal Ion+ 2 860W (Platinum) (This thing is God-tier. Silent and TINY)
Mouse	Logitech G Pro wireless + Steelseries Prisma XL
Keyboard	Razer Huntsman TE ( Sexy white keycaps)
VR HMD	Oculus Rift S + Quest 2
Software	Windows 11 pro x64 (Yes, it's genuinely a good OS) OpenRGB - ditch the branded bloatware!
Benchmark Scores	Nyooom.

System Name	CyberMania
Processor	AMD RYZEN 7 5800X3D
Motherboard	GB AORUS PRO AC B550
Cooling	CM HYPER212 TURBO ARGB
Memory	XPG D50 DDR4-3600 16X 2
Video Card(s)	MSI GeForce RTX™ 5060 Ti 16G INSPIRE 2X OC
Storage	XPG M.2 NVME SPECTRIX D40 512GB 2TB
Display(s)	SAMSUNG 43" QLED
Case	CM ELITE 430
Audio Device(s)	REALTEK HD
Power Supply	CM WME GOLD 650WATT
Software	Windows 11 24H2

Processor	5950X
Motherboard	Dark Hero
Cooling	Custom Loop
Memory	Crucial Ballistix 3600MHz CL16
Video Card(s)	Gigabyte RTX 3080 Vision
Storage	980 Pro 500GB, 970 Evo Plus 500GB, Crucial MX500 2TB, Crucial MX500 2TB, Samsung 850 Evo 500GB
Display(s)	Gigabyte G34WQC
Case	Cooler Master C700M
Audio Device(s)	Bose
Power Supply	AX850
Mouse	Razer DeathAdder Chroma
Keyboard	MSI GK80
Software	W10 Pro
Benchmark Scores	CPU-Z Single-Thread: 688 Multi-Thread: 11940

Processor	AMD Ryzen 9 9950X3D
Motherboard	ASRock B850M PRO-A
Cooling	Corsair Nautilus 360 RS
Memory	2x32GB Kingston Fury Beast 6000 CL30
Video Card(s)	PowerColor Hellhound RX 9070 XT
Storage	1TB Samsung 990 Pro, 2TB Samsung 990 Pro, 4TB Samsung 990 Pro
Display(s)	LG 27GS95QE-B, MSI G272QPF E2
Case	Lian Li DAN Case A3 Black Wood Edition
Audio Device(s)	Bose Companion Series 2 III, Sennheiser GSP600 and HD599 SE - Creative Soundblaster X4
Power Supply	Corsair RM1000X ATX 3.1
Mouse	Razer Deathadder V3
Keyboard	Razer Black Widow V3 TKL
VR HMD	Oculus Rift S

Processor	Intel Core i7-4790
Memory	32 GB
Video Card(s)	NVIDIA GeForce RTX 2060
Software	Manjaro Linux GNOME, Windows 11 Pro (with Debian Linux in WSL 2)

System Name	Desktop
Processor	AMD Ryzen 7 5800X3D
Motherboard	MAG X570S Torpedo Max
Cooling	Corsair H100x
Memory	64GB Corsair CMT64GX4M2C3600C18 @ 3600MHz / 18-19-19-39-1T
Video Card(s)	EVGA RTX 3080 Ti FTW3 Ultra
Storage	Kingston KC3000 1TB + Kingston KC3000 2TB + Samsung 860 EVO 1TB
Display(s)	32" Dell G3223Q (2160p @ 144Hz)
Case	Fractal Meshify 2 Compact
Audio Device(s)	ifi Audio ZEN DAC V2 + Focal Radiance / HyperX Solocast
Power Supply	Super Flower Leadex V Platinum Pro 1000W
Mouse	Razer Viper Ultimate
Keyboard	Razer Huntsman V2 Optical (Linear Red)
Software	Windows 11 Pro x64

System Name	Rainbow Puke Machine Reborn :D
Processor	Intel Core i5-11400 (MCE enabled, PL removed)
Motherboard	ASUS STRIX B560-G GAMING WIFI mATX
Cooling	Corsair H60i RGB PRO XT AIO + HD120 RGB (x3) + SP120 RGB PRO (x3) + Commander PRO
Memory	Corsair Vengeance RGB RT 2 x 8GB 3200MHz DDR4 C16
Video Card(s)	ASRock ARC B580 Challenger 12GB (Stock)
Storage	Corsair MP600 PRO 1TB M.2 PCIe Gen4 x4 SSD
Display(s)	LG 29WK600-W Ultrawide 1080p IPS Monitor (primary display)
Case	Corsair iCUE 220T RGB Airflow (White) w/Lighting Node CORE + Lighting Node PRO RGB LED Strips (x4).
Audio Device(s)	ASUS ROG Supreme FX S1220A w/ Savitech SV3H712 AMP + Sonic Studio 3 suite
Power Supply	Corsair RM750x 80 Plus Gold Fully Modular
Mouse	Corsair M65 RGB FPS Gaming (White)
Keyboard	Corsair K60 PRO RGB Mechanical w/ Cherry VIOLA Switches
Software	Tweaked Windows 11 Professional x64 (Update 24H2) OS

System Name	Good enough
Processor	AMD Ryzen R9 7900 - Alphacool Eisblock XPX Aurora Edge
Motherboard	ASRock B650 Pro RS
Cooling	2x 360mm NexXxoS ST30 X-Flow, 1x 360mm NexXxoS ST30, 1x 240mm NexXxoS ST30
Memory	32GB - FURY Beast RGB 5600 Mhz
Video Card(s)	Sapphire RX 7900 XT - Alphacool Eisblock Aurora
Storage	1x Kingston KC3000 1TB 1x Kingston A2000 1TB, 1x Samsung 850 EVO 250GB , 1x Samsung 860 EVO 500GB
Display(s)	LG UltraGear 32GN650-B + 4K Samsung TV
Case	Phanteks NV7
Power Supply	GPS-750C