For Unsupported PCs, Microsoft Has Released a TPM Check Bypass for Windows 11, But With Security Caveats

For Unsupported PCs, Microsoft Has Released a TPM Check Bypass for Windows 11, But With Security Caveats

Microsoft has released a new help webpage that explains how to go around the TPM 2.0 check and install Windows 11 on incompatible devices.

Given the tech giant’s steadfast position on the new Windows version’s minimal requirements, this is somewhat surprising.

However, it appears that Microsoft couldn’t overlook the fact that evading TPM checks is relatively straightforward, so, rather than risking their systems by allowing customers to use non-standard third-party scripts, they decided to provide them with an approved way to do so.

Users could take the following steps to install Windows 11 on non-supported systems:

  • Select Create tool now from the Windows 11 software download page and follow the installation instructions
  • Click Start, enter Registry Editor, and then click the icon to start the program on Windows
  • Create a new registry entry on HKEY_LOCAL_MACHINE\SYSTEM\Setup\MoSetup. Make use of the REG DWORD type
  • It should be titled “AllowUpgradesWithUnsupportedTPMOrCPU”
  • Set the value to “1”
  • Restart your PC

After that, you may upgrade by running Setup from the media while running Windows 10 or by booting directly from the media to perform Setup. Standard installation choices like ‘Keep Data Only,’ ‘Full Upgrade,’ and ‘Clean Install’ will all work as expected.

Even though the above looks straightforward, there are dangers associated with adding registry keys or altering existing values.

If you make mistakes in the Registry Editor, you may end up with a damaged filesystem or an unbootable operating system, leaving you with no choice but to reinstall it. As a result, if you choose to follow Microsoft’s guidelines, you do so at your own risk.

Also, TPM 2.0 has important security features that provide a number of “peace of mind” benefits. So, if you install Windows 11 on a non-TPM 2.0 chip or devices not meeting the minimum requirements, you’d miss out on all the feature’s security benefits.

In addition, because some underlying incompatibilities may cause minor or severe functional and security-related issues in the future, this approach would be most suitable for individuals having a compelling need to do so.

“Your device might malfunction due to these compatibility or other issues. Devices that do not meet this system requirement will no longer be guaranteed to receive updates, including but not limited to security updates,” Microsoft explains in a new support bulletin.

It’s critical to understand and accept these risks, as well as the fact that Microsoft does not suggest installing Windows 11 on an unsupported machine unless support tells you differently.

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.