Is it about data security? Microsoft requires devices to be equipped with TPM chips

Microsoft announced on June 24 that devices with Windows 11 must be equipped with TPM (Trusted Platform Module) chips. This is one of the major hardware updates that Microsoft has been pushing for many years.

So what exactly is TPM and why does Windows 11 need it.

▲Picture from: The Verge

"TPM is a chip that can be integrated into the motherboard of a PC, or it can be added to the CPU separately," explained David Weston, Microsoft's director of enterprise and operating system security. "The purpose is to protect sensitive data such as encryption keys and user credentials so that malware and attackers cannot access or tamper with these data."

From this point of view, this seems to be an important measure related to user safety.

▲David Weston, picture from: Microsoft

Unlike other security protection software, the TPM chip can provide users with hardware-level data protection. It is not only suitable for Windows-encrypted disks such as BitLocker, but also prevents dictionary attacks against passwords.

In fact, TPM chips are nothing new. TPM 1.2 chips existed as early as 2011, but they are usually used for commercial purposes. Considering various phishing, ransomware, supply chain and IoT vulnerabilities, this is an extremely necessary security measure for enterprise users.

"We found that 83% of companies have experienced firmware attacks, and only 29% of companies have allocated resources to protect their critical data." Weston said.

▲TPM chip, picture from: The Verge

But in fact, not just corporate users, Microsoft wants to apply the TPM chip to every PC. Since Windows 10, Microsoft has always required OEMs to provide support for TPM chips, but this requirement is not mandatory.

In the Windows 11 official website , Microsoft listed the minimum system requirements for Windows 11. It clearly mentions that the user's device needs to support TPM 2.0.

In order to ensure that the device meets this requirement, Microsoft requires users to download the PC Health application to check whether the device supports and enables TPM 2.0. This means that if your PC does not enable these functions when it leaves the factory, you will have to go to the BIOS to find the entry to enable this function.

▲PC Health, picture from: Bleeping Computer

However, TPM 2.0 is not the only requirement for installing Windows 11. If you have enabled TPM but have not passed the Windows 11 upgrade checker, it may be because your CPU is not in the supported list .

In addition to the processor, from January 2023, Microsoft also requires all Windows 11 devices except desktop computers to be equipped with a front camera. This is a major change in Windows hardware requirements since the release of Windows 8 in 2012.

#Welcome to follow Aifaner's official WeChat account: Aifaner (WeChat ID: ifanr), more exciting content will be provided to you as soon as possible.

Ai Faner | Original link · View comments · Sina Weibo