Microsoft: TPM 2.0 is a ‘non-negotiable’ requirement for Windows 11
With Windows 10 end of support on the horizon, Microsoft said its Trusted Platform Module (TPM) 2.0 requirement for PCs is a “non-negotiable standard” for upgrading to Windows 11.
TPM 2.0 was introduced as a requirement with the launch of Windows 11 three years ago and is aimed at securing data on a device at the hardware level. It refers to a specially designed chip — integrated into a PC’s motherboard or added to the CPU — and firmware that enables storage of encryption keys, security certificates, and passwords.
TPM 2.0 is a “non-negotiable standard for the future of Windows,” said Steven Hosking, Microsoft senior product manager, in a Wednesday blog post. He called it “a necessity for maintaining a secure and future-proof IT environment with Windows 11.”
New Windows PCs typically support TPM 2.0, but older devices running Windows 10 might not. This means businesses will have to replace Windows 10 PCs ahead of end of support for the operating system; that deadline is set for Oct. 14, 2025.
Windows 10 remains widely used — more so than its successor. According to Statcounter, the proportion of Windows 10 desktop PCs actually increased last month in the US and now accounts for 61% of desktops, compared to 37% for Windows 11.
Hosking noted that the “implementation [of TPM 2.0] might require a change for your organization.… Yet it represents an important step toward more effectively countering today’s intricate security challenges.”
For devices that don’t have TPM 2.0, Hosking recommends that IT admins: evaluate current hardware for compatibility with tools such as Microsoft Intune; “plan and budget for upgrades” of non-compliant devices; and “review security policies and procedures” to incorporate the use of TPM 2.0.
