No TPM? No Windows 11 for you!

[Steven P. Administrators]

Just now, adrynalyne said:

WHOA!  That was almost a TRIPLE TPM!

 

(let me know if the reference escapes you :p)

It escapes me, I am also very tired  

[Talaba]

"No TPM? No Windows 11 for you!" Who said that? If you know how? Sabretooth 990FX  has no TPM but I install Windows 11 easy.

[Ve7878]

1 minute ago, Talaba said:

"No TPM? No Windows 11 for you!" Who said that? If you know how? Sabretooth 990FX  has no TPM but I install Windows 11 easy.

That isn't the final build for starters.

[adrynalyne]

3 minutes ago, Steven P. said:

It escapes me, I am also very tired  

 

[George P Global Moderator]

As far as the whole TPM thing goes, I thought my i7 6700k would support Intels TPP but look as hard as I could and I couldn't find any sort of setting for it in my UEFI, I just went online and ordered a Asus TPM chip online and will install it on my board once I have it.

[+virtorio MVC]

Until running the PC Health Check app I had no idea I didn't have Secure Boot enabled nor the AMD fTPM feature enabled.

[PsYcHoKiLLa]

1 hour ago, Xenon said:

I just bought a Asus TPM-M R2.0 module that is supposed to be TPM 2.0 from amazon (us) for $15. It is 14 pin. 

 

https://www.amazon.com/gp/product/B01DQQLH74/ref=ppx_yo_dt_b_asin_title_o00_s00?ie=UTF8&psc=1

Did you check your motherboard to make sure it's the 14-1 pin?

[Jim K Global Moderator]

Well...this is a bummer (for my old i7-3770k).

 

Have to check my notebook later and see if it has TPM 'cause I gots no idea.

 

 

[PsYcHoKiLLa]

1 hour ago, Xenon said:

I am using a i7 7700k on asus prime z270-a I have cant find anything in my bios with tpm. You know a way please post it. 

From your motherboard's manual

 

[PsYcHoKiLLa]

51 minutes ago, Talaba said:

"No TPM? No Windows 11 for you!" Who said that? If you know how? Sabretooth 990FX  has no TPM but I install Windows 11 easy.

That's the dev build, it probably doesn't include the check, By the way, I hope you didn't sign in with your Microsoft account, apparently Microsoft been checking for people using it.

[Xenon]

3 minutes ago, PsYcHoKiLLa said:

From your motherboard's manual

 

Well I fooled around in the setting, and turned it on and checked tpm.msc and I think I got it running. 

 

But still says I wont be able to run 11. I checked secure boot is on and my gtx 1060 seem directx 12 compatible. 

 

 

[PsYcHoKiLLa]

Yeah, the site doesn't even tell you what "ingredient" you are actually missing

[Xenon]

4 minutes ago, PsYcHoKiLLa said:

Yeah, the site doesn't even tell you what "ingredient" you are actually missing

All this for ROUNDED CORNERS! 

[Xenon]

12 minutes ago, PsYcHoKiLLa said:

That's the dev build, it probably doesn't include the check, By the way, I hope you didn't sign in with your Microsoft account, apparently Microsoft been checking for people using it.

Actually it does check. I tried to install it on a old notebook and it would not install.  Because of.... well you know. 

[+Elі Subscriber²]

After following this thread, I have been able to enable TMP 2.0 on my motherboard's configuration. Before enabling it, when I tried to join the Windows Insider Program it wouldn't let me join the Dev channel and said the PC was not compatible with Windows 11. (Expected) So I enabled it, rebooted and this time when I tried to join the Insider Program it allowed me to join the Dev channel, but it still said that the PC was not compatible. The  Microsoft PC Health app however says that the PC is compatible. Very confusing. I guess I need to check if Secure Boot is enabled also. I have Linux installed and might have disabled it in the  past.

 

Here's are the changes I did on my MSI Z2390M for anyone who might need it. Just go to Settings/Security/Trusted Computing:

 

 

Control Panel still says not compatible, but the Health App says it is 🙂

 

PS: Well, after another reboot, the PC now shows as fully compatible with Windows 11.

 

 

[Som]

1 hour ago, gate1975mlm said:

My two desktops have a Intel i7-4790K which apparently have TPM 1.2.

 

But Microsoft says you need TPM 2.0 so I guess I will not be able to upgrade the simple way?

 

I guess I will need to install Windows from an ISO on a USB and remove the "appraiserres.dll" entry?

 

If I do it this way will my copy of Windows 11 still activate using my Windows 10 key?

 

Unless you have a very modern PC this is really going to make a lot of users upset having to go the extra mile getting Windows 11 installed  

 

Why Microsoft why??????????????

 

 

 

 

I have the same CPU, i installed with the .dll fix, first through upgrade and then clean install, using it for my home pc and its activated and very fast

[timster]

the TPM 2.0 requirement was changed at some point this afternoon

 

https://docs.microsoft.com/en-us/windows/compatibility/windows-11/#hardware-requirements

Quote

Hardware Requirements

There are new minimum hardware requirements for Windows 11. In order to run Windows 11, devices must meet the following specifications. Devices that do not meet the hard floor cannot be upgraded to Windows 11, and devices that meet the soft floor will receive a notification that upgrade is not advised.

 

Hard Floor:

CPU: Core >= 2 and Speed >= 1 GHz

System Memory: TotalPhysicalRam >= 4 GB

Storage: 64 GB

Security: TPM Version >= 1.2 and SecureBootCapable = True

Smode: Smode is false, or Smode is true and C_ossku in (0x65, 0x64, 0x63, 0x6D, 0x6F, 0x73, 0x74, 0x71)

 

Soft Floor:

Security: TPMVersion >= 2.0

CPU Generation

 

[neufuse Veteran]

Since people are asking why use a hardware TPM vs Intel's firmware TPM... the hardware (discrete) TPM is more secure

 

Firmware TPM (CPU) has a trusted execution environment that tries to keep the TPM code from the rest of the CPU, but still is vulnerable to attacks, discrete TPM's aren't as vulnerable and execute independently of the CPU... Firmware TPM's also have the ability to get software bugs (ask Dell about their recent issue with firmware TPM's) which discrete TPM's run hardened code in a hardened environment 

 

There are actually 4 types of TPM's..

Discrete (TPM card)

Integrated TPM (Chip on motherboard)

Firmware (CPU)

Software (Emulated TPM that could use a real TPM or KMIP server for a primary TPM key, stuff like ESX Enterprise do this to provide TPM services to VM's)

[+Elі Subscriber²]

33 minutes ago, neufuse said:

Since people are asking why use a hardware TPM vs Intel's firmware TPM... the hardware (discrete) TPM is more secure

 

Firmware TPM (CPU) has a trusted execution environment that tries to keep the TPM code from the rest of the CPU, but still is vulnerable to attacks, discrete TPM's aren't as vulnerable and execute independently of the CPU... Firmware TPM's also have the ability to get software bugs (ask Dell about their recent issue with firmware TPM's) which discrete TPM's run hardened code in a hardened environment 

 

There are actually 4 types of TPM's..

Discrete (TPM card)

Integrated TPM (Chip on motherboard)

Firmware (CPU)

Software (Emulated TPM that could use a real TPM or KMIP server for a primary TPM key, stuff like ESX Enterprise do this to provide TPM services to VM's)

Quite interesting, thanks for the explanation, I wonder how to find out which specific type one might have.

[Fleet Command]

3 hours ago, Steven P. said:

If you have a modern CPU (after Haswell, which is 4th gen) then you will most likely have it in your CPU. Most motherboard manufacturers have Trusted Computing turned off by default, this is my AORUS Z390 Pro WiFi board (which is 8th and 9th gen):

 

 

 

The TPM Module has additional hardware based encryption for your Windows install and data on the harddisks. If you have a TPM Module, then you will have to clear TPM each time you want to clean install Windows on your system. (I am still learning how it all works).

With all due respect, you are talking about an Intel CPU. With Intel's name being in the dump these days, it is safe to assume Intel PTT is not an option.

[ManMountain]

A lot of focus on TPM 2.0, but not so much on the CPU's that are not supported in Windows 11.  

 

AMD supported CPU

Intel supported CPU

 

 

[spaceelf]

26 minutes ago, ManMountain said:

A lot of focus on TPM 2.0, but not so much on the CPU's that are not supported in Windows 11.  

 

AMD supported CPU

Intel supported CPU

wow I hadn't seen that yet, guess I should probably not be too ready to jump with my other machines

[margrave]

The lack of any TPM on my current system means no 11 for me.

[neufuse Veteran]

1 hour ago, Fleet Command said:

With all due respect, you are talking about an Intel CPU. With Intel's name being in the dump these days, it is safe to assume Intel PTT is not an option.

huh? Intel has had firmware TPM via PTT for generations now, and will continue to as it's standard now on both Intel and AMD (via their own firmware implementation)

[+Good Bot, Bad Bot Subscriber¹]

1 hour ago, ManMountain said:

A lot of focus on TPM 2.0, but not so much on the CPU's that are not supported in Windows 11.  

 

AMD supported CPU

Intel supported CPU

 

 

WTF? My AMD FX-8320 is not supported? Windows can't even read my TPM state. I have a Gigabyte GA-990FXA-UD3 R5 (rev. 1.0) systemboard and no secure boot options I can see. I have tried setting Windows 8 for OS type and disabling CSM but no luck.

 

The board was a good deal at the time but there has been a total of one BIOS update for it. 🙄

 

Anyone with suggestions would be welcome.

Edited June 25, 2021 by Superuser