Microsoft deletes official Windows 11 CPU/TPM bypass for unsupported PCs
71 comments
·February 5, 2025
ch_123
What is Microsoft hoping to accomplish here? Given the rate of adoption of Windows 11, it seems unlikely that a majority of Windows 10 users will replace their hardware between now and October. It also seems to me that the scenario where a majority of PC users are running an unsupported Windows release is likely to create MS more problems than is offset by potential revenue from a hardware refresh cycle. Is there an ulterior motive at play beyond wanting to create a hardware refresh cycle?
xmodem
I don't think there's anything going on here other than general corporate ham-fisted-ness.
* Microsoft believes the improvements in Windows 11 provide genuine benefit to their users.
* Microsoft doesn't want to maintain their older OS forever.
What we are seeing play out however is that the consumer / small business market either does not understand or does not care about those benefits. I don't see any viable end-state for this other than Microsoft relaxing the requirements for Windows 11 or extending the end-of-support date for Windows 10. Based on this action my money is on the latter.
hennell
As an Occam fan, I'd assume the main accomplishment is ensuring a minimum level of hardware capability for Windows 11. Anything on W11 will have a TPM so you can build around it. There's also a minimum CPU spec or whatever you can know you don't need to test under.
I'd imagine that cutting off support for 10+ year old machines and hardware would give a much bigger advantage than the revenue they get from a hardware refresh itself.
Mindwipe
It's pretty obviously two middle managers fighting each other, and senior management is too distracted by AI to worry about core products being on fire.
saratogacx
Maybe if they renamed the bypass Microsoft Windows 11 Installer Co-Pilot for Legacy Systems it would get their attention.
Alifatisk
The requirements for Windows 11 have really put computers with older hardware in a difficult spot.
They are used to Windows so they want to stay there, I want to suggest Linux Mint but I am not aware of how many of the apps used daily are supported in Linux.
Not every user wants to fiddle with the terminal.
Daunk
I recently found out that a friend of mine installed Linux on his own, completely removing his Windows install. And he has yet to "fiddle with the terminal", but still enjoys gaming on Steam and goes on with his daily routine.
cesarb
One thing I've observed is that people who started using Linux a long time ago (which is my case) tend to slide into the command line, even when there's a perfectly good GUI alternative. Want to rename a file? Why use F2, just open a terminal, cd to the path, and mv the file.
Newer users who started with the GUI are less likely to have these habits.
blandenialo
Maybe it's just me but I never use the command line unless necessary even tho I used to fidget with it in Ubuntu
MiddleEndian
A friend of mine also uses Linux Mint of his own volition. Smart but not a tech enthusiast, he's also never touched the command line.
queuebert
Linux is in desperate need of a PR campaign. The popular distros are just as functional out of the box as Windows, but no one knows it.
Alifatisk
> The popular distros are just as functional out of the box as Windows
Give me some names that work out of the box and resemble Windows. I have not tried Linux Mint so I don't know how well it works for older people. Ubuntu has been quite good and stable but it has also required fiddling with the terminal.
The only one I found to be the best alternative to Windows is ... believe it or not, DeepinOS.
diggan
> The popular distros are just as functional out of the box as Windows, but no one knows it.
As always, it depends on what the user uses the computer for. Not everyone can run Windows full-time, as some applications don't work on Linux. I am a full-time Linux user for decades at this point, yet I still use applications that only run on Windows and are too latency sensitive to run well through a VM (and don't work at all via Wine).
Maybe though, these applications could get some love if there was a PR campaign for people to move to Linux...
tassadarforaiur
Valve expanding SteamOS compatibility might be the closest we're getting. Hopefully their flavour is viable for a variety of computers by Windows 10 sunset date.
p_ing
Linux is in desperate need of a stable ABI that isn't Win32 as well as a stable, unified Window Server.
beart
In my experience, it is not about functionality. It is about polish, integrations, and troubleshooting. If you assume all your devices and software will work on Linux Mint out of the box, great. But they won't. Then you end up spending hours trying to get the 5th mouse button to do what it does automatically in Windows. Sure there's a fancy utility on Linux that supports programming that mouse, good luck getting your mother to figure that out.
xmodem
At no point in history has using a 10-year-old PC been as viable as it is today.
teeray
I wonder if there’s any room for a manufacturer that would make an untrusted TPU. Like, one that quacks like a TPU, but will sing like a bird if you ask for its keys. Violates all of the security guarantees? Yep, you bet. But it does provide some insurance against an industry that might want to use TPUs against us (e.g. DRM).
xmodem
You can install Windows 11 into a virtual machine with a virtual TPM, and it will detect and use the vTPM the same as it would a physical TPM on real hardware.
matt_heimer
Most of the systems would also fail the min CPU check.
Mindwipe
As has been pointed out here before, this is all TPUs. They are not used by DRM vendors because they are quite bad at stopping people with physical access getting the keys.
braggerxyz
I run 3 old and one modern PC at home. With the advent of Win11 and the TPM fiasco 3 years ago I sunset all my Windows installations in favor of Linux. After some experimentation I settled with Void Linux. Stable rolling release, and I have complete control over the hardware I own. Microsoft can go kick rocks...
mrweasel
Does TPM support/requirements actually have any meaningful impact on a home user? I could understand being a requirement for Windows 11 Pro (which I believe has Bitlocker, but Home does not). I don't see why it would be required for Home, maybe some features just wouldn't be available, but are those features that people actually care about?
heroprotagonist
My theory?
TPM is just about allowing Microsoft to run AI models and other cloud workloads on people's computers without them snooping at what Microsoft are running. This will let them offload the processing of their very costly analytics to the devices themselves and only receive back the target data that they want.
Basically, it'll let them snoop on users more effectively, at a lower price, without giving up the game about what they're actually doing and how.
p_ing
Has HN stooped this low?
RobotToaster
> but are those features that people actually care about?
The users? No.
The corporations that make DRM? Yes.
gruez
What are some examples of DRM that uses TPM? What does TPM provide that stuff like SGX (which is already used in DRM) doesn't provide?
mkopec
There are none. It's so immensely frustrating to me that so many people believe that a TPM is a DRM device. I'm sure Richard Stallman's Treacherous Computing article played a big part in this.
A TPM is useless for DRM, and there are way more suited solutions like Intel's PAVP that takes an encrypted video stream and puts it on the screen directly, yet I don't see nearly as much uproar about that.
bayindirh
IIRC Widevine requires TPM for highest quality (level1)?
reginald78
Valorant requires it for anticheat. The purpose is to prevent users from running unauthorized software on the computers they allegedly own.
I wouldn't expect many examples to exist yet. You want to wait until almost everyone is on Windows 11 before you get up to those shenanigans.
bluescrn
Given trends of everything going subscription-only, is it unreasonable to suspect that the future of Windows could be subscription-only and a lot harder to pirate than previously?
Cumpiler69
To corporations period regardless if they make DRM or not. Enterprises want any and all features under the security umbrella for their fleets.
naikrovek
Remember boot-sector viruses? The TPM helps prevent those. DRM is not something that the TPM enables or helps with or facilitates in any way.
Please read this, and do your part to make the world a bit more educated, on average: https://en.wikipedia.org/wiki/Trusted_Platform_Module#Overvi...
If you don't dismiss my comment as the comment of a corporate shill, you might learn something, and in the future that knowledge may help you. I don't know, I can't predict the future, but I do know that ignorance is dumb.
LegionMammal978
> Remember boot-sector viruses? The TPM helps prevent those. DRM is not something that the TPM enables or helps with or facilitates in any way.
Why not both? As noted elsewhere in this thread, TPM certainly facilitates VBS [0], and games like Valorant are already using that for anticheat [1]. As long as application programs can use it to help detect the environment being 'tampered' with (as opposed to the system just wrapping it up in a report for the user), they can use it to protect their particular application state, and I don't see why that shouldn't include DRM state.
[0] https://learn.microsoft.com/en-us/windows-hardware/design/de...
[1] https://support-valorant.riotgames.com/hc/en-us/articles/169...
pieenjoyer
Microsoft has made device encryption available to Home edition users if they sign in with a Microsoft account. It relies on the TPM to seal the volume key.
https://support.microsoft.com/en-us/windows/device-encryptio...
mkopec
> Does TPM support/requirements actually have any meaningful impact on a home user?
Disk encryption, Windows Hello and PIN bruteforce prevention. I have no love for Microsoft and avoid using Windows whenever I can, but I think making those features accessible to more people is a good thing.
p_ing
VBS also requires it, which is a big improvement to Windows' security.
https://learn.microsoft.com/en-us/windows-hardware/design/de...
mrweasel
But Hyper-V is also a Windows 11 Pro feature (I get that it can be enabled on Home).
mrweasel
I was under the impression that Bitlocker wasn't available on Windows Home?
If you have an older computer, without TPM 1.2/2.0, then you already don't have things like Windows Hello, but you might have secure boot and some brute force prevention, so you wouldn't be worse off as a home user if Microsoft allowed you to run Windows 11.
For new computers I can completely understand that Microsoft would demand that vendors ship systems with TPM 2.0. For upgrades I just struggle to see any really compelling reason, it's not like Apple where Microsoft is trying to also sell hardware, that's mostly on the OEMs.
xmodem
As of Windows 11, you can use Bitlocker on Windows Home.
(Personally I think you probably shouldn't bother with it unless you set a boot PIN, which still requires Pro to be allowed to change the right group policy settings.)
ale42
As a side note, Windows Server 2025 appears to share the OS base with Windows 11, but it doesn't seem to have the same requirements of CPU/TPM? Or am I wrong? (not that I'm suggesting to use Windows Server as a client OS, especially given its price tag)
ch_123
I suspect this is because servers have a more predictable refresh cycle than consumer PCs/desktops. While some places run their servers to death, many places (particularly big corps who are generating the most revenue for MS anyway) will retire servers at the end of their warranty period and buy new ones.
Given that, there is not the same need to force hardware updates. That said, it also illustrates how the TPM requirement is a business decision, not a technical one.
TiredOfLife
Same with Windows 11 IoT Enterprise. It's just the regular Windows 11, but without TPM and specific CPU requirements. Anything Core i from Intel works
poizan42
Isn't this a dupe of https://news.ycombinator.com/item?id=42934236 ?
txdv
My mainboard has TPM turned off so I did not have to sweat about the upgrade.
Now I will be forced to I guess.
MaxGripe
If I have TPM disabled in the BIOS, is there any point in not enabling it and using a bypass to install Windows 11? I’m wondering if there’s any scenario where keeping TPM disabled might seem like a good idea?
bArray
Just to name a few...
Operational reasons:
* You often replace hardware and move disks, etc, around
* The TPM is not compatible with hardware that you have: https://wiki.archlinux.org/title/Trusted_Platform_Module
* You have a TPM that is too old: https://www.dell.com/support/kbdoc/en-uk/000132583/dell-syst...
* Your TPM is damaged
Security reasons:
* For some reason the TPM is actually seriously compromised itself (i.e. RCE or firmware backdoors):
- https://www.reddit.com/r/sysadmin/comments/1akxbfn/youtuber_...
- https://www.beyondidentity.com/resource/cybersecurity-mythbu...
- https://www.bleepingcomputer.com/news/security/new-tpm-20-fl...
* You have an alternative security model, i.e. PTT: https://uk.crucial.com/support/articles-faq-ssd/alternatives...
* As others have pointed out, what if you're locked into using Windows, Windows requires TPM, and TPM implements something you don't like, for example DRM or it snoops on you. Maybe you have to let it scan your drives, maybe your TPM doesn't like your politics.
p_ing
> for example DRM or it snoops on you
Stop spreading FUD.
dade_
I’m nearly 100% migrated to Pop. MS gave lots of warning, but I still have a VM on 10 for a couple apps I rarely use, including Office in case I absolutely need it. Hoping that Steam Console is real.
For work, I am stuck dealing with 11. There are many things I hate about 11, but why is it so damned slow and laggy on a brand new Copilot PC? File explorer is like loading file lists with a 2400 bps modem, and Office apps take far too long to load. It’s absurd how bad it is, and I can’t figure out why.
I’m getting old, I forget why I load an app before it loads…
Cumpiler69
The title is misleading. Microsoft deleted their article documenting the bypass, not the workaround itself.
If you burn an ISO with Rufus it has a checkbox to skip the checks.
You can also use the unattended installation system: https://github.com/memstechtips/UnattendedWinstall