What is TPM and Why is it Required in Windows 11?

Microsoft has decided that Windows 11 will require a TPM (Trusted Platform Module) chip in both existing and new devices. Below we look at what a TPM is, why Windows 11 requires it, and how these motherboard-integrated chips provide greater security or optimize the productivity of the Microsoft operating system.

What is TPM (Trusted Platform Module)

TPMs are designed to provide security and privacy to the platform owner and users, and recent versions can also provide security and privacy benefits to the system hardware itself.

Hardware producers implement TPM as a component on a trusted computing platform, such as a computer, tablet or phone. Platforms use the TPM to support privacy and security scenarios that software alone cannot.

Software alone cannot reliably report whether malware is present during the system boot process. Integration between the TPM and the platform increases transparency when the device starts and supports the assessment of device health.
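How a hardware-held measurement makes boot reportable, as an added Python simulation that is not from the original article and goes beyond its text: it models the TPM's PCR "extend" operation (new value = hash of old value plus the new measurement), which the article does not name. The stage names, images and function names are constructed for illustration; a real TPM keeps the register in hardware and signs it when reporting.

```python
import hashlib

def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def measure_boot(stages):
    """Simulate measured boot: each stage is hashed and extended into the
    PCR before it runs. Returns (final PCR value, event log)."""
    pcr = bytes(32)                     # a SHA-256 PCR starts as all zeros
    log = []
    for name, image in stages:
        digest = sha256(image)
        pcr = sha256(pcr + digest)      # extend: new = H(old || digest)
        log.append((name, digest))
    return pcr, log

def replay(log):
    """Recompute the PCR value that an event log claims to produce."""
    pcr = bytes(32)
    for _name, digest in log:
        pcr = sha256(pcr + digest)
    return pcr

def verify(log, reported_pcr, known_good):
    """Verifier side: the log must replay to the PCR value reported by the
    hardware, and every measurement must be a known-good digest."""
    findings = []
    if replay(log) != reported_pcr:
        findings.append("event log does not replay to the PCR value")
    for name, digest in log:
        if known_good.get(name) != digest:
            findings.append("unexpected measurement: " + name)
    return findings

# Constructed sample data (not real firmware or boot images).
GOOD_CHAIN = [("firmware", b"fw-1.0"), ("bootloader", b"bootmgr-1.0"),
              ("kernel", b"kernel-1.0")]
KNOWN_GOOD = {name: sha256(image) for name, image in GOOD_CHAIN}
TAMPERED_CHAIN = [GOOD_CHAIN[0], ("bootloader", b"bootmgr-1.0+implant"),
                  GOOD_CHAIN[2]]

def demo():
    good_pcr, good_log = measure_boot(GOOD_CHAIN)
    bad_pcr, bad_log = measure_boot(TAMPERED_CHAIN)
    return {"clean": verify(good_log, good_pcr, KNOWN_GOOD),
            "tampered": verify(bad_log, bad_pcr, KNOWN_GOOD),
            # Software presents the clean log, but the PCR still reflects
            # what actually ran, so the forged report is caught.
            "forged_log": verify(good_log, bad_pcr, KNOWN_GOOD)}
```

The "forged_log" case is the point of the paragraph above: software on a modified machine can rewrite its own log, but it cannot rewind the register to match.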

Who created the TPM?

The TPM was created by the TCG (Trusted Computing Group), a non-profit organization that publishes and maintains the TPM specification. Its goal is to set and promote global, vendor-independent industry standards that support a hardware-based root of trust for computing platforms.

TCG designed TPM as a low-cost, mass-market security solution that meets the requirements of different types of users: personal, business and government.

Why does Windows 11 require it installed?

The reasons all come down to security. TPMs work by providing hardware-level protection rather than software-only protection. They can be used to encrypt disks with Windows features such as BitLocker, or to prevent brute-force password attacks.

They are used extensively in IT-managed business laptops and desktops. Microsoft wants to offer the same level of protection to all Windows users, even if it’s not always perfect.

It is well known that firmware attacks have been on the rise for months. Ransomware makes headlines constantly; because it is profitable and easy to repeat, it is a difficult problem to solve.

Microsoft chose to require the TPM in order to be proactive in keeping devices up to date, rather than depending on the user’s will.

Windows is the most widely used system in the world, so Microsoft software has been at the center of heavy attacks that have hit the media, such as the Russian-linked SolarWinds hack and the Hafnium hacks on the Microsoft Exchange Server.

The objective is to prevent this type of situation or make it more difficult to occur, significantly increasing the security and reliability of the system.