With the announcement of Windows 11, Microsoft is making a big change to the requirements to evaluate the compatibility of PCs running AMD and Intel CPUs. This requirements comes down to the TPM (Trusted Platform Module) support and there’s been a lot of confusion going around but that needs to be sorted out.
Most Intel & AMD PCs Are Ready For Windows 11 OS, Don’t Worry Much About Microsoft’s TPM Restrictions
The Trusted Platform Module or TPM is a security check which has been made a necessity to be enabled for the latest version of Windows 11. Microsoft recommends that systems with TPM 2.0 are ready for Windows 11 but systems running TPM 1.2 will also be supported. Now, this is just a security feature and there should be no impact on performance with either version of TPM. What makes this requirement interesting is that it wasn’t a required check-in in the previous versions of Windows.
There are new minimum hardware requirements for Windows 11. In order to run Windows 11, devices must meet the following specifications. Devices that do not meet the hard floor cannot be upgraded to Windows 11, and devices that meet the soft floor will receive a notification that an upgrade is not advised. (via Microsoft)
- CPU: Core >= 2 and Speed >= 1 GHz
- System Memory: TotalPhysicalRam >= 4 GB
- Storage: 64 GB
- Security: TPM Version >= 1.2 and SecureBootCapable = True
- Security: TPMVersion >= 2.0 and SecureBootCapable = True
- Smode: Smode is false, or Smode is true and C_ossku in (0x65, 0x64, 0x63, 0x6D, 0x6F, 0x73, 0x74, 0x71)
So what processors are recommended by Microsoft themselves? If you check their support page for Windows 11 compatible CPUs, following processors will have no issues running the operating system:
Windows 11 Compatible AMD CPUs (Full List Here)
- AMD Ryzen 2000 (Pinnacle Ridge)
- AMD Ryzen 3000 (Matisse)
- AMD Ryzen 3000 (Picasso)
- AMD Ryzen 4000 (Renoir)
- AMD Ryzen 5000 (Vermeer)
- AMD Ryzen 5000 (Cezanne)
- AMD Ryzen 5000 (Lucienne)
- AMD Ryzen Threadripper 2000
- AMD Ryzen Threadripper 3000
- AMD Ryzen Threadripper Pro 3000
- AMD EPYC 2nd Gen (Rome)
- AMD EPYC 3rd Gen (Milan)
Windows 11 Compatible Intel CPUs (Full List Here)
- Intel 8th Gen (Coffee Lake)
- Intel 9th Gen (Coffee Lake Refresh)
- Intel 10th Gen (Comet Lake)
- Intel 10th Gen (Ice Lake)
- Intel 11th Gen (Rocket Lake)
- Intel 11th Gen (Tiger Lake)
- Intel Xeon Skylake-SP
- Intel Xeon Cascade Lake-SP
- Intel Xeon Cooper Lake-SP
- Intel Xeon Ice Lake-SP
As you can tell, there are CPUs from 2017-2018 that are supported by Windows 11 without issues but that still leaves a majority of users who are running older CPUs in the dark. AMD Ryzen chips such as the 1st Gen (Summit Ridge) and Skylake chips from Intel are not even mentioned but they are fully compatible with the existing Windows 10 OS. What’s interesting is that Skylake does have some TPM 2.0 functionality so it remains to be seen how chips with partial or firmware (fTPM) BIOS capabilities are supported by the new Windows 11 OS.
Pro tip: trying to install Windows 11? You currently need Trusted Platform Module (TPM 2.0). AMD Ryzen BIOS code (AGESA) offers fTPM 2.0.
No 2.0? Don’t worry: Most mobos offer fTPM 1.2 at a minimum, which will also work w/ future builds of Win11 according to MS tech docs. pic.twitter.com/XPwSA9rSoH
— Robert Hallock (@Thracks) June 24, 2021
According to AMD’s Robert Hallock, even if you don’t have TPM 2.0, most Ryzen motherboards have fTPM 1.2 at a minimum which should work with Windows 11 operating system with ease. Also, one thing to note is that the upcoming insider build only runs on TPM 2.0 hardware but the Windows 11 official release will support TPM 1.2 hardware too.
Earlier this year, AMD disclosed mitigations related to potential security vulnerabilities for AMD firmware Trusted Platform Module (fTPM) versions v.96, v1.22, and v1.37. AMD believes the fTPM vulnerabilities only apply to some of its client processors as fTPM is not enabled on AMD server, graphics and embedded. AMD has delivered a patch to PC manufacturers to address the issue.
Microsoft Windows users can verify their fTPM version and find instructions to clear the TPM at: https://docs.microsoft.com/en-us/windows/device-security/tpm/initialize-and-configure-ownership-of-the-tpm
AMD has recommended that PC manufacturers qualify and release an updated BIOS integrating the fTPM patch, as appropriate, into production at the next available opportunity and provide guidance to end users to apply fixes as defined based on the product. For fTPM v1.37, AMD has notified PC manufacturers that they should consider updating the system BIOS ahead of clearing the fTPM to help protect generated platform-level keys. via AMD
There are also going to be several users who could be running TPM 2.0 / TPM 1.2 / fTPM 1.2 CPUs but failing to pass the Windows 11 requirement check. This could simply be due to the fact that the technology is disabled through the BIOS and needs to be enabled. A BIOS firmware update would also be required for some older platforms. Sure that isn’t much of a deal for PC enthusiasts & DIY builders but we have to acknowledge that there are a majority of users out there who don’t know how to do that and a more simplified way of doing this should be incorporated by Microsoft and PC motherboard manufacturers.