3 Reasons not to bypass Windows 11’s TPM requirement

Drawbacks to bypassing Windows 11’s TPM requirement

Microsoft released Windows 11 in October 2021. As of January 2023, only 18.1% of PCs around the world run the new operating system (OS), while 68.75% are still using Windows 10. One possible reason for the slow adoption of the new OS is that Windows 11 will not install on devices that lack Trusted Platform Module (TPM) 2.0 chips.

Background details of a TPM chip

A TPM is a security chip that’s commonly found in the latest smartphones and PCs. It provides a hardware-based, tamper-resistant environment to create, store, and safeguard encryption keys in order to ensure secure access to data stored on a device. So if an unauthorized person gains access to your device and tries to tamper with your encrypted drives, the chip will stop the device from booting up. These chips were incorporated as standard built-in items on new laptops circa 2006.

TPM aims to securely store private information used to authenticate your platform. Some apps and web services also use TPMs, though typically in a different capacity known as software TPMs. Outlook, for example, uses a TPM for managing encrypted emails. TPM chips come in a handful of varieties, which can be classified as follows:

  • Discrete TPMs
  • Integrated TPMs
  • Firmware TPMs
  • Hypervisor TPMs
  • Software TPMs

The last two on the list are non-physical, or virtualized, components. Furthermore, web browsers use the TPM to store SSL certificates that are used to authenticate and create encrypted connections with websites, among other tasks that depend on the environment.

Conflicts with bypassing Windows 11’s TPM requirement?

Many users now deem Windows 11’s TPM 2.0 requirement too restrictive, since most were able to use Windows 10 securely with just TPM 1.2 embedded in their devices. This has led many to circumvent the TPM restriction so that devices without a TPM 2.0 chip can still run the new OS. However, bypassing software or hardware recommendations typically has consequences for the device or application in question. IT professionals therefore recommend abiding by Windows 11’s hardware requirements, for the following reasons.

TPM 2.0 is more secure than TPM 1.2

Plain and simple, TPM 2.0 provides higher levels of security, as it supports more and newer cryptographic algorithms than its predecessors. This enables it to create stronger keys, making devices that use it more challenging for cybercriminals to compromise. Up-to-date security is a pivotal concern for every component in a given environment, and a major factor when reviewing an infrastructure for product or machine upgrades. Even while hardware or software is still operable, its patches and hardware specifications must be kept current with contemporary industry offerings to match the security standards that will protect it from compromise. Bypassing the TPM requirement exemplifies this, as TPM is specifically designed to support current encryption methods.

Compatibility issues

Before releasing Windows 11, Microsoft tested the operating system extensively on supported devices. This means that running Windows 11 on devices that don’t meet the hardware requirements may eventually lead to security vulnerabilities that only come into play on systems lacking TPM 2.0 support. Addressing such problems with repeated troubleshooting may end up being more expensive than simply purchasing supported devices to begin with.

Microsoft won’t release updates for unsupported devices

Software updates are extremely important. They not only enhance the user experience through new features and quality-of-life upgrades, but updates also improve the OS’s defenses against even the newest cyberthreats. This means not receiving updates will put your device and business IT systems at greater risk of cyberattacks and compromise.

Reach out to Beringer today!

Cybersecurity is a critical concept for our team here at Beringer. Don’t tackle these various threats alone. Schedule a consultation with our team to review your network’s infrastructure at your convenience!

Beringer Technology Group, a leading Microsoft Gold Certified Partner specializing in Microsoft Dynamics 365 and CRM for Distribution, also provides expert Managed IT Services, Backup and Disaster Recovery, Cloud Based Computing, Email Security Implementation and Training, Unified Communication Solutions, and Cybersecurity Risk Assessment.