Microsoft has repeatedly said that Trusted Platform Module (TPM) 2.0 is a basic security requirement for running Windows 11. However, many people never understood the reason for this insistence.
Because of that, the company decided to demonstrate in a practical way the difference between a computer with TPM 2.0 and one without. According to Microsoft's Director of Corporate Security and Operating System David Weston, the primary role of these requirements is to ensure a safe experience for everyone on Windows 11.
In short, this is nothing new, as the company has explained it several times. Nonetheless, Microsoft decided to further clarify the reason for requiring TPM 2.0 through a video. Below, check out all the details.
Why is TPM 2.0 mandatory on Windows 11?
The video shows how a criminal can take advantage of security gaps to gain access to a vulnerable computer, both locally and remotely. From there, the criminal could deploy ransomware or steal user credentials.
The first part shows the successful exploitation of a vulnerability through an open RDP (Remote Desktop Protocol) port, giving the attacker administrator access and the ability to control a Windows 10 PC without TPM and Secure Boot enabled.
In addition, the expert shows the exploitation of a flaw in the fingerprint authentication process on a machine without VBS (Virtualization-based Security). In this case, the hacker can gain access to memory on the vulnerable system and change the biometric authentication code. This way, he is able to skip the verification step, which would allow access by any individual.
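To check whether a given PC is in the same state as the machines in the two demonstrations (no TPM, no Secure Boot, no VBS, RDP reachable), the following added example, which is not from Microsoft's video or this article, reports each setting using built-in Windows cmdlets and CIM classes. It assumes an elevated PowerShell session; the `$report` and `$gaps` names are illustrative.

```powershell
# Added example: report the protections the demo machines lacked.
# Run from an elevated PowerShell prompt on Windows 10/11.
$report = [ordered]@{}

# TPM: Win32_Tpm.SpecVersion begins with the spec major version, e.g. "2.0, 0, 1.38".
$tpm = Get-CimInstance -Namespace 'root\cimv2\Security\MicrosoftTpm' `
    -ClassName Win32_Tpm -ErrorAction SilentlyContinue
if ($tpm) {
    $report['TpmSpecVersion'] = ($tpm.SpecVersion -split ',')[0].Trim()
    $report['TpmEnabled']     = [bool]$tpm.IsEnabled_InitialValue
} else {
    $report['TpmSpecVersion'] = 'none'
    $report['TpmEnabled']     = $false
}

# Secure Boot: the cmdlet throws on legacy BIOS systems or without elevation.
try   { $report['SecureBoot'] = [bool](Confirm-SecureBootUEFI -ErrorAction Stop) }
catch { $report['SecureBoot'] = 'unknown (legacy BIOS or not elevated)' }

# VBS: 0 = not enabled, 1 = enabled but not running, 2 = running.
$vbsStates = @{ 0 = 'not enabled'; 1 = 'enabled, not running'; 2 = 'running' }
$dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
    -ClassName Win32_DeviceGuard -ErrorAction SilentlyContinue
$report['VBS'] = if ($dg) { $vbsStates[[int]$dg.VirtualizationBasedSecurityStatus] }
                 else     { 'unknown' }

# RDP: fDenyTSConnections = 0 means the host accepts Remote Desktop connections.
$ts = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' `
    -Name fDenyTSConnections -ErrorAction SilentlyContinue
$report['RdpEnabled'] = [bool]($ts -and ($ts.fDenyTSConnections -eq 0))

# Turn the raw values into a list of gaps matching the demo scenarios.
$gaps = @()
if ($report.TpmSpecVersion -ne '2.0' -or -not $report.TpmEnabled) {
    $gaps += 'TPM 2.0 missing or disabled'
}
if ($report.SecureBoot -ne $true) { $gaps += 'Secure Boot not confirmed on' }
if ($report.VBS -ne 'running')    { $gaps += 'VBS not running' }
if ($report.RdpEnabled)           { $gaps += 'RDP enabled; confirm it is not exposed' }

[pscustomobject]$report | Format-List
if ($gaps) { $gaps | ForEach-Object { "GAP: $_" } } else { 'No gaps found.' }
```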