Microsoft made all sorts of significant additions to Windows 10 to help boost its security credentials, and it's now preparing to take a further step to ensure that devices running its latest OS remain safe and secure. From this summer, Microsoft says that it will require new Windows 10 devices to support TPM 2.0 by default.
TPM (Trusted Platform Module) technology is a hardware-level security feature that requires a dedicated tamper-resistant chip to be integrated into a device to carry out cryptographic functions, such as generating, storing and decrypting keys for authentication purposes. TPM is a key element of Windows BitLocker encryption, and Microsoft describes it as a "critical component to Windows 10 features and delivering on our security promises to customers".
This summer, Microsoft will deliver the Windows 10 Anniversary Update, bringing a huge range of new features to users. And with the arrival of the update, the company is also beefing up its security requirements for new devices that ship with the latest version of its OS.
It states that "all new devices and computers, [running] all SKU's" of Windows 10 must include TPM 2.0 support, and that it must be enabled by default. This includes not just PCs and tablets, but also all Windows 10 Mobile phones.
There will be some exceptions though. Microsoft points out that "TPM remains optional" on Windows IoT, as well as for most Windows Server scenarios.
A further exception is that of "OEM systems for special purpose commercial systems, customer orders, and customer images with a custom image".
The details were revealed in slides from a recent Microsoft WinHEC event, which you can view in full here.
Many thanks to Cassim Ketfi (@NotCassim) for the heads-up!