In recent days, the requirements that Microsoft demands to be able to upgrade a computer from Windows 10 to Windows 11 have been on everyone’s lips. In the first place, because those of Redmond only allow those that have Intel Core processors from their eighth generation to do so, or in the case of AMD, from their Zen 2 architecture. This, as our colleagues from MCPRO, leaves out of the list of “eligible” to thousands of teams, among which are many of those who are part of the Surface family.
The second great requirement, and one that compromises even more teams, is the obligation to have either a TPM 2.0 chip, or its equivalent TPM fTPM 2.0 function. In this case, the security argument is the one that has prevailed when establishing this requirement, using the arguments that David Weston, Director of Business and Operating System Security at Microsoft, exposes in this article.
In this sense, the Microsoft executive indicates that the TPM modules (Trusted Platform Modules) are an integral part of Microsoft’s strategy to respond to a time of growing cyber-criminal activity including threats as worrying as the phishing or the ransomware. Teams that include these modules, Weston writes, are better prepared to deal with these types of attacks.
The company’s head of security explains that Microsoft has been particularly involved in the field of security since 2019, with the development of its secure core, which combined hardware and firmware protection with virtualization technologies. And although the results they have obtained, especially in companies are encouraging, he affirms that the company needs a even stronger base to continue growing in this field, with TPM being the answer. That said, it has been reaffirmed by ensuring that all new PC’s equipped with Windows 11, will include TPM 2.0.
However, looking ahead, these requirements do not stop there. «In the medium term» comments the manager, «we will begin to see PCs equipped with Pluto, a technology developed between Microsoft and AMD that will be integrated into AMD, Intel and Qualcomm architectures. Pluton also integrates the TPM into the PC’s microprocessor, establishing a secure channel with Microsoft’s Azure cloud for secure Windows and firmware updates.
The role of TPM in Windows 11
As many of you know, the TPM module is a chip that is integrated into the motherboard of a PC or that can even be added later to the CPU (in fact, prices have started to rise).
Its purpose is to help protect encryption keys, user credentials, and other sensitive data behind a hardware barrier from malware and attackers. cannot access or manipulate that data. That said, what is the difference between TPM 1.0 and TPM 2.0?
According indicates Microsoft itself, the second version of this chip supports more sophisticated cryptographic algorithms, offers a more standardized experience, and most importantly, it can be fully integrated into the CPU.
Given the commotion that has been organized in networks, Weston has ensured that Microsoft has required a TPM chip to certify PCs since at least 2015, indicating that most PCs on the market support in the worst case the power add or update this security function, if it is not available on our computer, to update to Windows 11.