Microsoft says TPM 2.0 is mandatory for installing Windows 11
The technology is essential to protect future PCs from cyber criminals and sophisticated attacks from nation-states, the company says
Microsoft has updated the webpage for Windows 11 requirements, saying that PCs will be required to have a TPM 2.0 chip to install the new operating system.
It says the update is to allay confusion among Windows users last week about was the minimum hardware requirements for the new version of the operating system.
One support document published by Microsoft stated that Trusted Platform Module (TPM) 1.2 was the minimum requirement for running Windows 11 on a PC, while another page stated that it was TPM 2.0.
Many users with high-end PCs also complained last week that Microsoft's PC Health Check app warned them their machine was not compatible with the new OS's requirements.
The company has now fixed the conflicting information by confirming that Windows 11 requires TPM 2.0.
Steve Dispensa, VP of Product, Enterprise Mobility & Security at Microsoft, also stated on Twitter that the new version of Windows will only run on PCs that come with modern Intel, Qualcomm or AMD CPUs and with TPM 2.0. He added that the "the list will evolve over time".
A TPM is a dedicated chip that is either integrated into the PC's motherboard or added separately into the CPU to protect sensitive data - such as encryption keys and users credentials. The technology also defends against certain types of cyber attacks, including malicious tampering of hardware and the boot process in the PC.
Since 2013, Intel and AMD have added firmware TPM technology into many of their processors. For Intel chips, the technology is called Intel Platform Trust Technology (Intel PTT), and for AMD it is known as AMD Platform Security Processor (PSP).
TPM chips come in two versions: an older and less secure 1.2 version and a more secure 2.0 version.
Some OEMs have expressed unhappiness with Microsoft's TPM 2.0 requirement for Windows 11, arguing that it would make it more difficult to create affordable PCs.
"Microsoft, can you not impose a TPM requirement during a silicon shortage? Especially considering most desktop motherboards support TPM only as a purchasable accessory," Shen Ye, global head of hardware products at HTC Vive, wrote on Twitter.
However, Microsoft believes that incorporating the technology is essential to protect PCs from "ransomware and more sophisticated attacks from nation-states".
"Requiring the TPM 2.0 elevates the standard for hardware security by requiring that built-in root-of-trust," David Weston, director of enterprise and OS security at Microsoft, wrote in a blog post.
"The new set of hardware security requirements that comes with this new release of Windows is designed to build a foundation that is even stronger and more resistant to attacks on certified devices," Weston said.
"We know this approach works - secured-core PCs are twice as resistant to malware infection."
The first builds of Windows 11 will begin rolling out to Windows Insider testers this week. The company says it will make Windows 11 available on new desktops, laptops and other devices by the end of this year.
The new OS will see only one major feature update in a year, in contrast to twice-a-year feature updates for Windows 10, according to the Microsoft.