The ballad of Windows 11’s TPM requirement continues: not only is Microsoft still having to clarify what the requirement means, it’s now been revealed virtual machine users may be missing out.
While virtual machine users were able to run pre-release versions of Windows 11, users have now found themselves unable to update the operating system. The issue seemingly behind this is that they do not have physical TPM modules.
- Everything you need to know about Windows 11
- What is a TPM? Why you need it for Windows 11
- Plus: iPad mini 6 has a major 5G weakness
The majority of PCs made in the past few years will already have a compatible TPM, even if the user needs to go into the BIOS and activate it first. The module itself is an "important building block’" for various Windows 11 features, specifically those tied to security — like Windows Hello and Bitlocker.
It also helps encrypt data, which keeps your hard drive safe from thieves. It’s not too difficult to see why Microsoft opted for the TPM requirement, and why it isn’t likely to relax that requirement. However, it is leaving virtual machine users without an option to upgrade.
As of Build 22000.194, Microsoft is enforcing the TPM requirement for everyone, including virtual machine users. Thanks to this, a lot of VM users running pre-release versions of Windows 11 have been locked out of the software.
It is possible for VM users to mimic the presence of TPM hardware, but it’s not a very common feature. In fact the majority of VMs that can spoof a TPM cost money, like Microsoft’s own Hyper-V Manager, which is only available to Windows 10 Pro and Enterprise users.
The same is true for Parallels Desktop 17, which allows Mac users to run Windows 11 despite the lack of official support for the M1 chip. But a Parallels licence costs a minimum of $80 a year.
Microsoft has always maintained that TPM 2.0 would be one of Windows 11’s system requirements. But the company really should have been enforcing that requirement from day one, rather than locking virtual machine users out after the fact.
We’ve already seen that there are ways around Windows 11’s TPM requirement. After all, Asus has already started updating firmware for older Intel CPUs, optimizing for the operating system. That’s in spite of these older processors not appearing to have physical TPM modules installed. But it's not entirely clear whether other companies will follow their example.
It’s also worth checking if your PC has a TPM module that hasn’t been activated. It's possible to enable them by yourself, provided you’re comfortable heading into the BIOS settings to do it. That doesn’t exactly help virtual machine users, but it means more people will still be able to use Windows 11 when it launches on October 5.
- More: How to install Windows 11: A step-by-step guide
Of course you are not going to use your physical machine’s TPM directly and/or forward it into a virtual machine (even though you can). For two reasons:
First, you do not want dangerous and untrusted game console firmware to ever touch your TPM and its key slots. B-class closed-source software waste belongs into a safe virtual machine container with a virtual TPM, not on real hardware.
Second, your virtual machine should be, ideally, live-migratable or, at the very least, offline-migratable. For that reason you need a virtual TPM that migrates with it, not a physical TPM that hardwires it onto one particular physical host.
This entire piece of hoax translates into:
— open your virtual machine settings (e.g. virt-manager),
— add a virtual TPM to the virtual machine,
— Click — Click — Done!
FFS, why is there so much fuss around it??? The interwebs are full of this nonsense. Ain’t there any real problem to write about?