Shut Out of Windows 11: TPM Requirement Excludes Many PCs
Traditionally, we think of Windows as the operating system for the masses and that each new version is a no-brainer upgrade, even for those with older PCs. Right now, after six years on the market, Windows 10 makes up 78 percent of all Windows installs with Windows 7, which launched in 2009 (12 years ago!) taking second place at 16 percent. Windows 10 grew this fast because there was absolutely no reason not to upgrade. It works on every PC that runs Windows 7 or 8, it’s free (see how to get Windows 10 for free or cheap) and it has a slew of new features.
Microsoft didn’t make Windows 10 a free and easy upgrade just to be kind. The company wants to spend its time supporting the latest OS and it wants people using features like the Microsoft Store and Edge browser. It wants developers using its latest SDK to make groundbreaking apps that help the platform grow.
But Windows 11 changes all that, leaving a significant number of Windows 10 computers — even high-end workstations from just three years ago — out in the cold, because they won’t meet the minimum requirements, which have changed significantly for the first time since Windows 7 launched in 2009. To be fair, these new requirements, particularly requiring TPM modules (more on that below) and DX12 GPUs, are designed to provide a higher minimum baseline of security and performance than we’ve seen before. And Microsoft even seems like it’s expecting a significant number of users to stay on the current OS, having recently announced that it plans to support Windows 10 through 2025.
This is a sea change for Microsoft, because the company has previously prioritized new OS adoption over most else. In fact, the company was likely disappointed when it took two years longer than expected to reach 1 billion active monthly devices for Windows 10. With Windows 11, it’s going to take a lot longer and, as with Android devices, there’s likely to be more computers running older operating systems than the latest one for years and years to come. That’s bad news for users and developers.
|Windows 7||WIndows 8||Windows 10||Windows 11|
|CPU||1-GHz CPU||1-GHz CPU||1-GHz CPU||1-GHz, dual-core, 64-bit|
|GPU||DX9 Capable||DX9 Capable||DX9 Capable||DX12 capable|
|Storage Space||16GB (32-bit) / 20GB (64-bit)||16GB (32-bit) / 20GB (64-bit)||16GB (32-bit) / 20GB (64-bit)||64GB|
|Display||N/A||1024 x 768 (if you want to run store apps)||800 x 600 minimum||1280 x 720, 9-inch|
|BIOS||N/A||N/A||N/A||TPM 2.0 / UEFI Secure Boot|
These new minimum requirements don’t look too strenuous at first glance. According to Stephen Baker, vice president at analyst firm NPD, less than 4% of PCs sold in the last year have storage drives that were 64GB or smaller and the amount of systems with less than 4GB was “inconsequential.” In other words, almost all 2020-era new PCs would fit the bill, even if they don’t have one of the best SSDs.
However, most people don’t buy a new PC every year. In fact, according to Baker, the average replacement cycle for computers is 4 to 5 years. And I’m sure we all know people or have computers in our homes that are older than that.
You might think that the only computers affected by these changes are netbooks or sub-$200 laptops like the Dell Inspiron 3000 series (circa 2018) and Amazon VivoBooks, some of which had 2GB of RAM and 32GB of storage quite recently. However, even a major workstation CPU that came out in 2018 will likely not be able to run Windows 11.
Intel’s Xeon W-3175X, which launched in Q4 of 2018 for $2999 and sports 16 cores does not come with built-in TPM support. You can purchase a motherboard that has a TPM header and add a TPM chip after the fact, but many systems don’t have this by default. It’s hard to argue that a massive HEDT (high end desktop) from less than three years ago should not be able to run Windows 11.
TPM: A Deal Killer for Some
The problem for most users is not the RAM, storage or GPU requirements,, but the need for TPM 2.0, a feature most consumers don’t even know about that isn’t present on many computers from just a few years ago and is disabled on a lot of current-generation systems too.
A Trusted Platform Module (TPM) provides a secure way to store encryption keys, certificates and other sensitive data in hardware. For example, if you use Bitlocker encryption, TPM is what prevents someone from being able to just remove your hard drive, stick it in another computer and read the data.
In a blog post today, Microsoft explained its rationale for the TPM requirement saying:
“PCs of the future need this modern hardware root-of-trust to help protect from both common and sophisticated attacks like ransomware and more sophisticated attacks from nation-states. Requiring the TPM 2.0 elevates the standard for hardware security by requiring that built-in root-of-trust.”
And, to be fair, TPM 2.0 is hardly brand new. Starting in 2016, Microsoft required that “all new device models, lines or series” of devices come with TPM 2.0 implemented and enabled by default. However, clearly, that only applied to the company’s partners making OEM laptops and desktops, because many current motherboards come with TPM disabled by default and some recent high-end chips don’t have it on board. The good news is that, if you have a processor from the last three to five years, there’s a good chance you can enable TPM in the UEFI BIOS and solve this problem.
But there are probably a lot of PCs on the borderline here that don’t have TPM capability. Senior Writer Michelle Ehrhardt reports that her Core i7-6700K that she bought in 2016 did not have a TPM option in the motherboard BIOS so she’s probably out of luck. Some motherboards offer the ability to add a physical TPM module as an upgrade but who is going to do that?
Microsoft’s list of compatible CPUs leaves out any Intel processor that is older than 8th Gen Core and any AMD CPU older than Ryzen 2000 series (first gen Ryzen is not on the list). However, a Microsoft spokesperson said that these CPUs were listed because they have TPM so, in theory, if you have a CPU that’s not on the list and does support TPM, either through firmware or through a hardware upgrade chip, Windows 11 would install.
According to Microsoft, if you don’t have TPM, you simply will not be able to install Windows 11. According to Microsoft’s compatibility doc, the TPM 2.0 requirement is a “soft floor” where Windows 11 will warn you that it’s not a good idea to install and the “hard floor” below which you can’t install Windows 11 at all is having TPM 1.2 (something many people still don’t have). With either floor, you need TPM of some kind to be enabled and you’ll need Secure Boot enabled with your BIOS in native UEFI code, not compatibility or legacy modes.
Also note that there will be no more 32-bit Windows. So, if you have an old netbook with a 32-bit processor, there is no way it will run Windows 11.
Where Windows 10 required only DirectX 9 support, Windows 11 demands that your GPU handle DirectX 12. DirectX 9 is a standard that goes all the way back to 2002 when it debuted on Windows 98, Me and XP, but version 12 is only from 2015.
Now, to be fair, Nvidia GPUs as old as the Fermi (GTX 400), AMD chips as old as Graphics Core Next (Radeon 7000) and integrated Intel graphics going back all the way to Haswell (2013) work with DirectX 12. But if you were thinking of throwing Windows 11 on your Viliv N5 UMPC, a personal favorite of mine which runs on a low-power Atom processor from 2010, you’re out of luck.
At some point it was inevitable that Microsoft would stop supporting really old hardware and, by most accounts, the minimum requirements for Windows 11 are really minimal. However, the TPM requirement by itself may force a lot of people with five year old PCs to either stick with Windows 10 or upgrade to new computers.
The cynic in me says that Microsoft and OEMs are looking for reasons to drive a new PC upgrade cycle. But it’s also inevitable that, to guarantee a decent user experience with graphical features like rounded edges and translucent window widgets or modern security features like secure boot, you need to up your requirements. Just don’t expect to see Windows 11 hit 1 billion active devices any time soon.
Note: As with all of our op-eds, the opinions expressed here belong to the writer alone and not Tom’s Hardware as a team.