Skip to main content

Microsoft justifies Windows 11 TPM 2.0 requirement in new video

Microsoft Windows 11 running on an Apple MacBook laptop.
(Image credit: rawf8/Shutterstock)

Windows 11 officially launched last week. It brings many new features and updates to the Windows experience. It also comes with some stringent hardware requirements. Chief among these is TPM (Trusted Platform Module) support — a feature even some not-so-old PCs lack. Microsoft has stated that these requirements are in place to protect systems from hackers. The Redmond-based company has now released a video which aims to justify Windows 11’s strict hardware requirements.

Starring Microsoft security expert Dave Weston, the video contains two examples of real-world attacks Windows 11 protects against. In the first clip, Weston shows how hackers can use an RDP (remote desktop protocol) port to brute force their way into a PC (via password) and infect a computer with ransomware. The second example has Weston using a PCI Leech device to bypass fingerprint-recognition login on a PC. 

Weston then shows how Windows 11 protects against both threats, calling out the operating system's Virtualization-based Security (VBS) as a key way of protecting PCs against attacks like the fingerprint login bypass.

Regarding VBS, sister site Techradar notes that it can cause gaming frame rate drops. VBS is on by default in Windows 11, and even if you own a powerful gaming PC you could still (potentially) experience frame rate drops. If you’re a gamer, this could be a serious issue.

We can’t begrudge Microsoft wanting to protect users against attacks such as those detailed in the video. In fact, it’s great that Windows 11 has such security measures in place. However, the company could have done a better job of explaining things like TPM in the lead-up to Windows 11’s release. Not having TPM 2.0 is one of the primary reasons folks have been unable to update to Windows 11 on older machines (myself included), and there's a lot of gray area in the Windows 11 TPM requirements. It's possible you might not be able to install Windows 11 because your PC might have an outdated TPM 1.2 chip (though there's a Microsoft-provided workaround to install Windows 11 if you have TPM 1.2). Or you may have a TPM chip on your motherboard that just needs to be turned on via the BIOS. In short, the situation can be frustrating.

Windows 11 is still new, meaning folks around the world are still discovering its many quirks. And since there’s still some confusion surrounding latest Microsoft’s operating system, we hope the company continues releasing more videos explaining Windows 11’s features and functions.

Tony Polanco

Tony is a computing writer at Tom’s Guide covering laptops, tablets, Windows, and iOS. During his off-hours, Tony enjoys reading comic books, playing video games, reading speculative fiction novels, and spending too much time on Twitter. His non-nerdy pursuits involve attending Hard Rock/Heavy Metal concerts and going to NYC bars with friends and colleagues. His work has appeared in publications such as Laptop Mag, PC Mag, and various independent gaming sites.