News, tips, advice, support for Windows, Office, PCs & more
Home icon Home icon Home icon Email icon RSS icon

We're community supported and proud of it!

  • A single Registry line enables Windows 11 without TPM 2.0

    Home » Forums » AskWoody blog » A single Registry line enables Windows 11 without TPM 2.0

    Author
    Topic
    #2396409

    ISSUE 18.40 • 2021-10-18 PUBLIC DEFENDER By Brian Livingston Microsoft has published a new support document revealing a one-line entry anyone can add
    [See the full post at: A single Registry line enables Windows 11 without TPM 2.0]

    6 users thanked author for this post.
    Viewing 40 reply threads
    Author
    Replies
    • #2396440

      The other, very large shoe is the CPU requirement. As with TPM, there is at least one way to get around it and install Windows 11 on machines with older processors (See https://pureinfotech.com/install-windows-11-unsupported-pc/.

      Are there any real (as in the computer won’t work) reasons why one should not bypass the CPU vintage requirements as well or in addition to the TPM?

      I happen to have an HP Z-book that has TPM2 and secure boot onboard and enabled, but the PC Health App says the CPU (an i7-6700HQ) is “unsupported”.

    • #2396447

      If your PC is running Windows 10, and you have Windows 10 installation media available, then you don’t need any registry hack to upgrade to Windows 11 on unsupported hardware.

      I’m running Windows 11 now on a 2013 Intel DH87RL motherboard with an Intel© Core™ i5-4670 CPU @ 3.40GHz CPU, Secure Boot disabled, TPM 1.2 disabled.

      Create a fresh drive image before making system changes/Windows updates, in case you need to start over!
      "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns
      "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

    • #2396480

      Brian, Good sleuthing!  Looking forward to seeing you in the next Ethan Hunt or Jason Bourne movie, albeit absent any amnesia.

      You’ve confirmed what we have all suspected for months, ever since the “leaked” Windows 11 and subsequent Microsoft pronouncements.  The US NIST, primarily but not only on behalf of DoD, has had a very heavy hand in mandating the Windows 11 TPM 2.0 requirement.  The red line CPU requirement still has not been explained clearly, and I want my 16-core Xeon tower with TPM 2.0 to run Windows 11 some day.

      1 user thanked author for this post.
    • #2396526

      Contrary to what is implied in this article, using the Secure Hash Algorithm 2, or SHA-2, these days is a requirement not only of government departments and agencies, but also of many universities and research labs, if one needs to login remotely to one of their computers. It is, for those who work remotely, in particular, something that is of enough importance to be really bothered about the inability to use it.

      Even Microsoft executives themselves can’t be certain what they’ll do in the years to come.”

      The future may not be guaranteed to us, who may not even know the day, nor the hour of our final passing, but we have been endowed by evolution — or by God if you prefer — with brains that let us make reasonable guesses and plan accordingly. By being this unpredictable and variable in their plans, like the “donna” that is so “móbile” in Verdi’s opera Rigoletto, the brains at Redmond pose some troubling questions for us regarding their present condition.

      Ex Windows user (Win. 98, XP, 7) since mid-2020. Now: running macOS Big Sur 11.6 & sometimes, Linux (Mint)

      MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
      Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
      Waterfox "Current" and (now and then) Chrome. also Intego AV and Malwarebytes for the Mac.

      1 user thanked author for this post.
    • #2396527

      You may still run afoul of other requirements, such as a 1GHz dual-core 64-bit CPU or better, 4GB of RAM, 64GB of disk storage, and a Secure Boot–capable UEFI (formerly known as BIOS). Since this whole procedure is unsupported, you’re on your own if it doesn’t work.

      It was much simpler for me to just mount the Win11_English_x64.iso file I got from Download Windows 11 and then copy all its files to the hard disk so that I could edit appraiser.dll located in the sources folder using Notepad++ to preserve all the binary bytes, file length and structure. I just changed TRUE to FALS to suit me as shown in this snippet:

      [DT_ANY_SVH_BlockingSV]
      T:DT_ALL_CCO_DualCoreBlockingSV=TRUE
      T:DT_ALL_MEM_MemoryBlockingSV=TRUE
      T:DT_ALL_CPS_CpuSpeedBlockingSV=TRUE
      T:DT_ALL_SDS_SystemDiskSizeBlockingSV=TRUE
      T:DT_ALL_UEF_UefiSecureBootBlockingSV=FALS
      T:DT_ALL_SMO_SModeStateBlockingSV=TRUE
      T:DT_ALL_TPM_TpmVersionBlockingSVSetup=FALS
      T:DT_ALL_CFM_CpuFmsBlockingSVSetup=FALS

      and then resaved appraiser.dll. Then just run setup.exe to update. No idea if there are problems using this to clean install on a blank disk. See my post on “Unblocking Windows 11 Update“.

      HP Compaq 6000 Pro SFF PC / Windows 10 Pro / 21H1
      Intel®Core™2 “Wolfdale” E8400 3.0 GHz / 8.00 GB
      1 user thanked author for this post.
      • #2396744

        Opps… My mistake, that should have been appraiserres.dll in the sources directory which is the file with the INI data for the appraiser. It is so much harder to catch one’s own mistakes…

        HP Compaq 6000 Pro SFF PC / Windows 10 Pro / 21H1
        Intel®Core™2 “Wolfdale” E8400 3.0 GHz / 8.00 GB
        1 user thanked author for this post.
    • #2396537

      It was much simpler for me to just mount the Win11_English_x64.iso file I got from Download Windows 11 and then copy all its files to the hard disk so that I could edit appraiser.dll located in the sources folder using Notepad++ to preserve all the binary bytes, file length and structure. I just changed TRUE to FALS to suit me as shown in this snippet:

      “Simplee is in the eye of the beholder…

    • #2396540

      Contrary to what is implied in this article, using the Secure Hash Algorithm 2, or SHA-2, these days is a requirement not only of government departments and agencies, but also of many universities and research labs, if one needs to login remotely to one of their computers. It is, for those who work remotely, in particular, something that is of enough importance to be really bothered about the inability to use it.

      “Even Microsoft executives themselves can’t be certain what they’ll do in the years to come.”

      Enforcing what is required by user entities is not Microsoft’s responsibility. It has provided the capabilities to meet them but it should not be enforcing them on every user who wants/needs to run Windows 11 just because some customers insist on using them.

      Yes, there are apparently a number of ways to get around TPM/Secure Boot/CPU vintage with various registry settings. However, these are unsupported hacks and Microsoft has said that machines that have Windows 11 installed through their use may suddenly find themselves without patches with no notice and no recourse save reinstalling Windows 10, Linux or being scrapped. Windows 11 should have a supported way of installing itself on machines that don’t meet TPM/Secure Boot/CPU vintage diktats.

      2 users thanked author for this post.
      • #2396546

        Enforcing? No. Satisfying paying customers actual needs, yes.

        Ex Windows user (Win. 98, XP, 7) since mid-2020. Now: running macOS Big Sur 11.6 & sometimes, Linux (Mint)

        MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
        Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
        Waterfox "Current" and (now and then) Chrome. also Intego AV and Malwarebytes for the Mac.

        • #2396555

          Actually you don’t need Windows 11 to satisfy any of those needs. Windows 10 already can do all of that. In particular, see “Enable virtualization-based protection of code integrity“. Also go into Device security in Windows Security and make sure everything is turned on. All Windows 11 does is to turn all those settings on by default but it does not prevent you from turning them off again especially if it’s slowing down your PC because you don’t have the latest and greatest eighth generation CPU .

          HP Compaq 6000 Pro SFF PC / Windows 10 Pro / 21H1
          Intel®Core™2 “Wolfdale” E8400 3.0 GHz / 8.00 GB
          2 users thanked author for this post.
      • #2396550

        I’m going to be alternative viewpoint here:  If you don’t have the hardware needed in order to have the security goodness of virtualization, protection of credentials and what not, why do you need to install Windows 11?

        You want the center menu?

        Susan Bradley Patch Lady

        8 users thanked author for this post.
        • #2396552

          To Susan: A good question at those big corporations, government departments, etc. with lots and lots of perfectly good PCs that are not fit to use Windows 11, and now are sort of fit, thanks to an appropriately 11th hour reprieve, but not fit enough to use SHA-2 along with 11, even if they could use 11 with that limitation.  “The” Windows 11 that has the goodies (or so it is proclaimed) these organizations need for more secure computing.

          There might be some procurement issues here, you know, excessing all those perfectly OK computers in one go after replacing them with an equal number of maybe OK ones with an extra chip, or a newer extra chip? Fortunately, those organizations do not change the operating system right away a new version comes out, not matter what MS decrees, enforces, prescribes or begs: they are not early adopters.

          Besides, there is always macOS and Linux. Just saying.

          Ex Windows user (Win. 98, XP, 7) since mid-2020. Now: running macOS Big Sur 11.6 & sometimes, Linux (Mint)

          MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
          Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
          Waterfox "Current" and (now and then) Chrome. also Intego AV and Malwarebytes for the Mac.

          • #2396558

            Money, money, money… You mean like Great Britain’s National Health Service still running on (Windows 95 / Thanks @b) Windows XP on their antiquated PCs?

            HP Compaq 6000 Pro SFF PC / Windows 10 Pro / 21H1
            Intel®Core™2 “Wolfdale” E8400 3.0 GHz / 8.00 GB
            • #2396567

              Money? Of course! Unless the people working there generously provide it out of their own pockets, something has to be done by these organizations to be able to pay the manufacturers and sellers and etc., to get all those many new, shiny, Win 11 fully-capable machines. And that means getting the royal nudge from The Bean-counters That Be.

              And, in this case here, with Win 10 vs. 11, maybe there is not just money, but also some common sense and a capacity for considering the relevant facts, foreseeing the consequences of possible actions, then making relevant plans accordingly?

              (I do not know enough about what Brits use when they feel under the weather to comment  on that Win 95 issue.)

              Ex Windows user (Win. 98, XP, 7) since mid-2020. Now: running macOS Big Sur 11.6 & sometimes, Linux (Mint)

              MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
              Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
              Waterfox "Current" and (now and then) Chrome. also Intego AV and Malwarebytes for the Mac.

            • #2396573

              Money, money, money… You mean like Great Britain’s National Health Service still running on Windows 95 on their antiquated PCs?

              More than two years ago the NHS was running Windows XP on just 0.16% of their computers:

              NHS still running outdated Windows XP on over 2,000 computers

              Are they really still running Windows 95 on any?

              Windows 10 Pro version 21H2 build 19044.1387 + Microsoft 365 (group ASAP)

              2 users thanked author for this post.
            • #2396660

              NHS Scotland has been running on Windows 10 since 2019 – a bit late I know, but we got there in the end.

        • #2396584

          If you don’t have the hardware needed in order to have the security goodness of virtualization, protection of credentials and what not, why do you need to install Windows 11?

          I don’t need the security goodness of virtualization, protection of credentials or drive encryption.  My 2013 MB/CPU can run VBS, but I don’t have a need.  I had two reasons to install Windows 11; to see if it was possible (I had a strong suspicion that it was) and to see if it was better or worse than Windows 10 (which I much prefer over any previous version of Windows).  So far, it seems to be an improvement; not huge, but noticeable.

          You want the center menu?

          Not at all, but I was counting on the folks at StartIsBack to have something ready at RTM, and StartAllBack was there.

          StartAllBack

          It’s rather like Windows Update for me.  I have no reason to pause or otherwise hinder any update other than drivers.  I have a library of drive images at the ready should something go south, but so far, so good, even with Windows 11.  It’s an upgrade.

          Create a fresh drive image before making system changes/Windows updates, in case you need to start over!
          "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns
          "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

    • #2396543

      Brian, Good sleuthing!  Looking forward to seeing you in the next Ethan Hunt or Jason Bourne movie, albeit absent any amnesia.

      You’ve confirmed what we have all suspected for months, ever since the “leaked” Windows 11 and subsequent Microsoft pronouncements.  The US NIST, primarily but not only on behalf of DoD, has had a very heavy hand in mandating the Windows 11 TPM 2.0 requirement.  The red line CPU requirement still has not been explained clearly, and I want my 16-core Xeon tower with TPM 2.0 to run Windows 11 some day.

      I have seen a number of sources claiming the CPU vintage diktat is related to the CPU microcode vulnerabilities that came to light a few years ago. The “blessed” CPUs are the ones that have those issues corrected in the silicon.

      I don’t know that any of them are “official”, but it certainly makes sense.

    • #2396547

      Enforcing? No. Satisfying paying customers needs, yes.

      Yes, enforcing. To have a supported Windows 11 installation, I must comply with all those “customers” needs. If Microsoft were not enforcing, there would not have to be long discussions about how to hack one’s way around them. At most, there would be some warnings/caveats during installation or upgrade with the option to bypass them and have a supported installation.

      • #2396560

        Originally, you could have made your made hardware able to run Windows 11 a requirement in your requisition and you would have been assured of getting that hardware compliance. However since Microsoft downgraded that minimum CPU requirement it’s no longer true.

        HP Compaq 6000 Pro SFF PC / Windows 10 Pro / 21H1
        Intel®Core™2 “Wolfdale” E8400 3.0 GHz / 8.00 GB
        • #2396569

          Not a past requisition, but a future one.

          Of the computers already bought, probably many were bought before this exact chip issue cropped up, maybe five or six years ago (certain equipment rotation may be, approximately, over those many years). Has anyone ever worked for a government department, agency or any other really big organization here before?

          Ex Windows user (Win. 98, XP, 7) since mid-2020. Now: running macOS Big Sur 11.6 & sometimes, Linux (Mint)

          MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
          Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
          Waterfox "Current" and (now and then) Chrome. also Intego AV and Malwarebytes for the Mac.

          • #2396574

            Nearly 20 years ago, computer and software research and development. We bought PCs made by our own company but those replaced were kept and handed down to junior colleagues or used as servers or test equipment. There was no wholesale replacement pipeline mentality when I worked there. I cannot imagine any large organization able to afford to replace everything at once especially since new software would also be required as well as training and lots of IT work. Much better to airgap the PC network, block all cell phone signals and lockdown Wi-Fi traffic to them.

            2 users thanked author for this post.
            • #2396593

              I cannot imagine any large organization able to afford to replace everything at once especially since new software would also be required as well as training and lots of IT work.

              I worked almost 32 years for a global Fortune 500 mining company.  They upgraded hardware on a cycle; all PC hardware.  Local IT would show up at an office with a truckload of new PC’s.

              When they were ready to upgrade the OS, that was timed to coincide with a hardware upgrade cycle, so that it could all be done in one fell swoop.  New PC with new OS all from the same image.

              They were on Windows 7 Enterprise until mid-2019, when they made the changeover to new hardware with their tweaked version of Windows 10.  Their where-the-money-meets-the-road-software was proprietary, and resided on mainframes.  Windows PC’s were workstations to bridge to the main software and the huge databases.  They had their own Exchange Servers for email, and used push for all updates.

              I could logon any PC at any location and have my desktop, all my email, all my files right there, and access to whatever I needed from any one of those databases.

              Microsoft doesn’t dictate to everyone.

              Create a fresh drive image before making system changes/Windows updates, in case you need to start over!
              "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns
              "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

            • #2396600

              That’s why we can get good deals on gently used refurbs.  All of those computers come off leases.

              Susan Bradley Patch Lady

              2 users thanked author for this post.
            • #2396614

              bbearren: “Their where-the-money-meets-the-road-software was proprietary, and resided on mainframes. Windows PC’s were workstations to bridge to the main software and the huge databases.

              Unfortunately, that is not how big research organizations, or the military in some of their labs, or out in operations, where they need to be largely self-sufficient, to run something like theater-awareness enabling software, for example, actually, mostly, work. Researchers and their collaborators, for another example, usually have most, or everything they need, and everything they develop, in their own machines.
              Because we spend a lot of time, not with test tubes in hand, wearing white coats and having light bulbs turning on above our heads, but pounding to create and debug code on the keyboards of the machines assigned to us, personally, to do our work. Not on those of server dumb terminals. Unless one considers a computer several of us share, but independently of each other, for *some* cooperative work, to make it easier to exchange certain things some of us have or make, such as software or data, besides and as well as our own personally assigned machines, “a server.”

              Servers, in such organizations, are for holding widely used software or large data bases, among a few other reasons, so there is no need for everyone to have a copy bought just for them. But that is just the tip of the iceberg.

              Ex Windows user (Win. 98, XP, 7) since mid-2020. Now: running macOS Big Sur 11.6 & sometimes, Linux (Mint)

              MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
              Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
              Waterfox "Current" and (now and then) Chrome. also Intego AV and Malwarebytes for the Mac.

    • #2396559

      Enforcing? No. Satisfying paying customers actual needs, yes

      Enforcing ? Yes. Maybe Satisfying customers who build backdoors into TPM…

      • #2396564

        Say…what? TPM uses the same chip that your cell phone’s sim card and credit card use!

        HP Compaq 6000 Pro SFF PC / Windows 10 Pro / 21H1
        Intel®Core™2 “Wolfdale” E8400 3.0 GHz / 8.00 GB
    • #2396595

      Thanks Brian,
      I installed Win 11 on my spare laptop (Today) that HP quit supporting on Sept. 29th. I was taken back when I saw that my 7th gen i7 processor wasn’t on the list of supported processors. The UEFI is TPM 2.0 and this computer is very viable. The installation went perfectly. I am still testing but I haven’t run into any problems yet. I sent HP a nasty gram though they may have been influenced by the profit motive to stop support.

      Thanks for your article. I get to pretest on this spare computer before upgrading the ‘Qualifying’ ones in the rest of the house.

      Jeff O’Brien

    • #2396601

      Originally, you could have made your made hardware able to run Windows 11 a requirement in your requisition and you would have been assured of getting that hardware compliance. However since Microsoft downgraded that minimum CPU requirement it’s no longer true.

      How long ago were the hardware requirements for Windows 11 published officially by Microsoft? Even so, was there really an option to buy “Windows 11-proof” computers before pretty much all new machines simply came Windows 11-compliant? It seems that by and large, computers were not Windows-11 compatible (CPU vintage being a big factor) and then they were. I am talking about business/corporate-grade machines, not the cheapest-price wins consumer ones at the big box stores.

      1 user thanked author for this post.
      • #2396699

        Even so, was there really an option to buy “Windows 11-proof” computers before pretty much all new machines simply came Windows 11-compliant?

        Yes:

        We’ve worked closely with our OEM and retail partners to bring you powerful Windows 10 PCs today, that will take you into the future with Windows 11. Here are a few to check out.

        Microsoft just published details of 15 laptops they recommend for Windows 11 (along with their October 5 release date announcement):

        Ready to elevate to 11? There’s never been a better time to purchase a new PC

        Windows 10 Pro version 21H2 build 19044.1387 + Microsoft 365 (group ASAP)

    • #2396604

      I’m going to be alternative viewpoint here:  If you don’t have the hardware needed in order to have the security goodness of virtualization, protection of credentials and what not, why do you need to install Windows 11?

      You want the center menu?

      Lord, NO!!!! 🙂 The only reason I want to run Windows 11 at all, ever, is wanting to have a supported version of Windows on October 115th, 2025.

      Were it not for that, I would not bother with it all as there is nothing in it that’s better than Windows 10, dreamy, billowy ads notwithstanding.

      3 users thanked author for this post.
    • #2396605

      See “MBEC (Mode Based Execution Control) the culprit why only more modern CPUs can run Windows 11“.

      A number of folks here have already proven that Windows 11 runs on older CPUs.

    • #2396606

      That’s why we can get good deals on gently used refurbs.  All of those computers come off leases.

      Indeed! And that’s where my clients will be shopping in a year or so when the refurbs start shipping with Windows 11 Pro vice Windows 10 Pro.

      1 user thanked author for this post.
    • #2396612

      Before the official Windows RTM, I bought a replacement for my failing Intel NUC. The new NUC has everything it will need to run Windows 11.

      That said, I will not be upgrading to Windows 11 until I absolutely have to. By then I may be on my next NUC, capable of running Windows 12!

      Linux is a totally different situation. Sometimes a PC is too bleeding-edge to run some Linux distros on its internal SSD, for example. But that’s a different discussion…

      -- rc primak

      • #2396616

        Methinks that one way MS might have open, to fulfill quickly their massive distribution of Win 11, could be by treating the install DVDs (is anyone still using those?) with a varnish that (a) makes them useless for this purpose, while making them also easy to clean, so they can, instead (b) sell them in packs of a dozen each, as shiny coasters, for a pretty penny, to their admiring fanboys. And to their admiring fangirls too, of course, of course.

        Ex Windows user (Win. 98, XP, 7) since mid-2020. Now: running macOS Big Sur 11.6 & sometimes, Linux (Mint)

        MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
        Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
        Waterfox "Current" and (now and then) Chrome. also Intego AV and Malwarebytes for the Mac.

    • #2396636

      Well, darn it, I keep thinking that ol’ Brian and ol’ Fred must be slippin’ behind the times by now. Then I read another clear, incisive and informative report like this one and I must tip my hat yet again to the expertise we enjoy here. And, while I’m at it, allow me to compliment Susan Bradley once more for her continuing informative Defcon updates. I can’t believe it’s nearly twenty years ago that Mz. Bradley provided not one, but two, definitive answers within minutes to complex questions I posed. C’mon Susan, own up now, are you 29 or 39 years old? I just can’t work it out in my head.

      Cheers!

    • #2396644

      A number of folks here have already proven that Windows 11 runs on older CPUs

      They run unprotected and vulnerable.
      Those Windows 11 PCs will be attacked at no time.

      • #2396687

        MHCLV941 wrote: A number of folks here have already proven that Windows 11 runs on older CPUs

        They run unprotected and vulnerable. Those Windows 11 PCs will be attacked at no time.

        Just like we were running Windows 10 “unprotected and vulnerable”, Windows 8.1 “unprotected and vulnerable”, Windows 8 “unprotected and vulnerable”, Windows 7 “unprotected and vulnerable”, Windows XP “unprotected and vulnerable”, etc. etc.  What you actually typed, “… attacked at no time“, is likely more accurate than you intended, no doubt.

        Windows 11 is an upgrade to Windows 10; they renamed it because of the fancy new UI.  Under the hood, it’s just an upgrade.  By “requiring” (which has, so far, proven to be a policy statement, not an actual requirement) Secure Boot and TPM2, they did not open a huge backdoor into the OS.

        Those of us running Windows 11 on unsupported hardware are no less protected now that we were running Windows 10 on the same hardware.

        FUD, FUD, FUD and more FUD.

        Create a fresh drive image before making system changes/Windows updates, in case you need to start over!
        "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns
        "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

        2 users thanked author for this post.
    • #2396652

      A number of folks here have already proven that Windows 11 runs on older CPUs

      They run unprotected and vulnerable.
      Those Windows 11 PCs will be attacked at no time.

      I am sure they are terrified but exactly how is a WIndows 11 on an unsupported computer any more vulnerable than Windows 10 running on the same machine?

      The point is not that Windows 11 on a compliant PC is more secure (how much so has yet to be demonstrated) than Windows 10 on a PC that does not support Windows 11. The real point is whether an unsupported PC running Windows 11 is LESS secure than that same machine running Windows 10.

      Unless it can be shown that Windows 11 on an unsupported PC is less secure than Windows 10 on that same machine, there is no reason why hundreds of millions of PCs are within 4 years of (1) running a no-longer supported OS or (2) going to a landfill.

      (1) Yes, I know such machines could be converted to Linux but that’s not going to happen in large enough numbers to notice.
      (2) Would anyone argue that running an OS that is no longer getting patches and updates makes a positive contribution to cybersecurity?

    • #2396662

      The US NIST, primarily but not only on behalf of DoD, has had a very heavy hand in mandating the Windows 11 TPM 2.0 requirement.

      Wait for the Chinese (Russian…) version with no TPM, VBS,…None of PCs sold in China has TPM.
      They do have Chinese Government developed TCM.

    • #2396656

      A number of folks here have already proven that Windows 11 runs on older CPUs

      They run unprotected and vulnerable.
      Those Windows 11 PCs will be attacked at no time.

      At best that’s just a guess… unless you know something we don’t. 🙂

    • #2396746

      Even so, was there really an option to buy “Windows 11-proof” computers before pretty much all new machines simply came Windows 11-compliant?

      Yes:

      We’ve worked closely with our OEM and retail partners to bring you powerful Windows 10 PCs today, that will take you into the future with Windows 11. Here are a few to check out.

      Microsoft just published details of 15 laptops they recommend for Windows 11 (along with their October 5 release date announcement):

      Ready to elevate to 11? There’s never been a better time to purchase a new PC

      You miss the point. It’s immaterial what Microsoft or anyone else says today about machines that are compatible with Windows 11. What matters is whether there was correct and authoritative information on WIndows 11 hardware requirements that could have been used to inform purchase decisions 2,3 or 4 years ago.

      • #2396763

        You miss the point. It’s immaterial what Microsoft or anyone else says today about machines that are compatible with Windows 11. What matters is whether there was correct and authoritative information on WIndows 11 hardware requirements that could have been used to inform purchase decisions 2,3 or 4 years ago.

        I didn’t miss the point. That was what Microsoft said about compatible machines seven weeks ago, not today. But I didn’t realize you were expecting notice of requirements years ago.

        I doubt whether Microsoft knew 3 or 4 years ago that there would be a Windows 11.

        Are many computers sold in the last 2 years not compatible with Windows 11?

        Windows 10 Pro version 21H2 build 19044.1387 + Microsoft 365 (group ASAP)

      • #2396777

        A four year old computer is starting to have seen way better days.  Microsoft needs to mandate certain hardware for businesses to get more secure. By making it part of Win11 they can draw the line in the sand.

        Susan Bradley Patch Lady

    • #2396750

      MHCLV941 wrote: A number of folks here have already proven that Windows 11 runs on older CPUs

      They run unprotected and vulnerable. Those Windows 11 PCs will be attacked at no time.

      Just like we were running Windows 10 “unprotected and vulnerable”, Windows 8.1 “unprotected and vulnerable”, Windows 8 “unprotected and vulnerable”, Windows 7 “unprotected and vulnerable”, Windows XP “unprotected and vulnerable”, etc. etc.  What you actually typed, “… attacked at no time“, is likely more accurate than you intended, no doubt.

      Windows 11 is an upgrade to Windows 10; they renamed it because of the fancy new UI.  Under the hood, it’s just an upgrade.  By “requiring” (which has, so far, proven to be a policy statement, not an actual requirement) Secure Boot and TPM2, they did not open a huge backdoor into the OS.

      Those of us running Windows 11 on unsupported hardware are no less protected now that we were running Windows 10 on the same hardware.

      FUD, FUD, FUD and more FUD.

      There is a critical distinction that you miss. I’ve installed – and run for production use – Windows 10 on machines with Core 2 Duo processors. Never so much as a whimper from the installer. Microsoft is actively preventing Windows 11 installation hardware that doesn’t check all its boxes. Yes, there are hacks that allow it to be done, but that’s the point – you have to hack the installer.

      For Windows 10, Microsoft said “If your device does not meet these requirements, you may not have the great experience intended with Windows 10 and might want to consider purchasing a new PC.” (https://www.microsoft.com/en-us/windows/windows-10-specifications)

      For Windows 11, Microsoft says “These are the minimum system requirements for installing Windows 11 on a PC. If your device does not meet these requirements, you may not be able to install Windows 11 on your device and might want to consider purchasing a new PC.” (https://www.microsoft.com/en-us/windows/windows-11-specifications)

      It also says “This PC doesn’t meet the minimum system requirements for running Windows 11 – these requirements help ensure a more reliable and higher quality experience. Installing Windows 11 on this PC is not recommended and may result in compatibility issues. If you proceed with installing Windows 11, your PC will no longer be supported and won’t be entitled to receive updates. (emphasis added) Damages to your PC due to lack of compatibility aren’t covered under the manufacturer warranty.” (https://support.microsoft.com/en-us/windows/installing-windows-11-on-devices-that-don-t-meet-minimum-system-requirements-0b2dc4a2-5933-4ad4-9c09-ef0a331518f1)

      So far as I know, Microsoft never said that WIndows 10 on unsupported hardware would be denied updates nor did the installer ever simply refuse to install Windows 10 because the hardware was not on the supported list.

      • #2396756

        If you proceed with installing Windows 11, your PC will no longer be supported and won’t be entitled to receive updates.

        Entitled? And yet my test system with its elderly Core 2 DUO processor did in fact get updated to Windows 11 Version 21H2 (OS Build 22000.258). See the results here. So what actually happens is up to the whims of Microsoft. Maybe they will force all programs to run in a 64-bit virtual sandbox in the future which the Core 2 DUO processor cannot do. For now it works. I am not sure what Microsoft implies by “your PC will no longer be supported” other than by the manufacturer providing firmware or new drivers which they already do not do for my vintage system. That is an empty threat. I think all Microsoft is saying is that they will not bother to test their changes on older hardware anymore and so will not be responsible if anything breaks. That does not seam any different from what they are already doing. Just another empty threat.

        HP Compaq 6000 Pro SFF PC / Windows 10 Pro / 21H1
        Intel®Core™2 “Wolfdale” E8400 3.0 GHz / 8.00 GB
        1 user thanked author for this post.
      • #2396758

        There is a critical distinction that you miss.

        Backatcha, @MHCLV941.  There is a critical distinction that you seem to have overlooked.  Windows 10 suggested Secure Boot and Trusted Platform Module use; it just didn’t require it.  The Windows 11 installation wrapper is coded to check and deny upgrade to PC’s that don’t have Secure Boot and Trusted Platform Module up and running.  Did you not read Brian Livingston’s article?

        Install.wim, the file that is the reality of Windows 11, works quite readily with the Windows 10 installation wrapper.  I could have been protected with Windows 10, but it was only a suggestion, not a requirement.  I, along with quite a few others, did not follow the suggestions, and were running unprotected.  Miraculously, my PC has survived!

        I have not run a Microsoft Supported version of Windows since 98.  I’ve sliced, diced and reassembled Windows to suit my own needs and requirements for a stable, secure and more efficient operating system.  The only malware infection I ever encountered was in Windows 95 via a floppy disk given to me by an IT professional, who was very apologetic.

        Windows 11 is not a new OS, it a Windows 10 minor upgrade with a UI revision that sucks out loud.  StartAllBack completely eliminates that obnoxious UI, and my Windows 11 looks and acts very, very much like Windows 10 with StartIsBack++.  See the screenshots in this post.

        I don’t feel any need for additional security when I am behind a hardware firewall and invisible to the internet.  I don’t click on links in email or open unexpected attachments in email.  I never click on an ad.  And I have a library of drive images stored offline.  I don’t feel the least bit unprotected.

        Create a fresh drive image before making system changes/Windows updates, in case you need to start over!
        "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns
        "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

        1 user thanked author for this post.
    • #2396759

      If you proceed with installing Windows 11, your PC will no longer be supported and won’t be entitled to receive updates.

      Entitled? And yet my test system with its elderly Core 2 DUO processor did in fact get updated to Windows 11 Version 21H2 (OS Build 22000.258). See the results here. So what actually happens is up to the whims of Microsoft. Maybe they will force all programs to run in a 64-bit virtual sandbox in the future which the Core 2 DUO processor cannot do. For now it works. I am not sure what Microsoft implies by “your PC will no longer be supported” other than by the manufacturer providing firmware or new drivers which they already do not do for my vintage system. That is an empty threat. I think all Microsoft is saying is that they will not bother to test their changes on older hardware anymore and so will not be responsible if anything breaks. That does not seam any different from what they are already doing. Just another empty threat.

      If you are happy depending on Microsoft’s goodwill and generosity to let you keep your Windows 11 installation patched/updated, good luck to you.

    • #2396761

      There is a critical distinction that you miss.

      Backatcha, @MHCLV941.  There is a critical distinction that you seem to have overlooked.  Windows 10 suggested Secure Boot and Trusted Platform Module use; it just didn’t require it.  The Windows 11 installation wrapper is coded to check and deny upgrade to PC’s that don’t have Secure Boot and Trusted Platform Module up and running.  Did you not read Brian Livingston’s article?

      Install.wim, the file that is the reality of Windows 11, works quite readily with the Windows 10 installation wrapper.  I could have been protected with Windows 10, but it was only a suggestion, not a requirement.  I, along with quite a few others, did not follow the suggestions, and were running unprotected.  Miraculously, my PC has survived!

      I have not run a Microsoft Supported version of Windows since 98.  I’ve sliced, diced and reassembled Windows to suit my own needs and requirements for a stable, secure and more efficient operating system.  The only malware infection I ever encountered was in Windows 95 via a floppy disk given to me by an IT professional, who was very apologetic.

      Windows 11 is not a new OS, it a Windows 10 minor upgrade with a UI revision that sucks out loud.  StartAllBack completely eliminates that obnoxious UI, and my Windows 11 looks and acts very, very much like Windows 10 with StartIsBack++.  See the screenshots in this post.

      I don’t feel any need for additional security when I am behind a hardware firewall and invisible to the internet.  I don’t click on links in email or open unexpected attachments in email.  I never click on an ad.  And I have a library of drive images stored offline.  I don’t feel the least bit unprotected.

      Actually, I did. I am not remotely as dismissive of the distinction between Windows 10 and 11 with respect to TPM as you are. As for your penchant for “FrankenWindows”, what you do in the privacy of your computer is no one’s business but your own. Have fun with it. And UI may – or may not – do the same thing with a computer or two at home.

      However, I also have several small clients who are faced with having to replace all their computers between now and October 2025 in order to continue running on a supported version of Windows. I cannot in good conscience advise them to do the same thing with machines that are critical to the conduct of their businesses.

      We do agree on one thing: Microsoft clearly learned nothing from the Windows 8 interface debacle. The Windows 11 interface royally sucks!!

      1 user thanked author for this post.
      • #2396779

        Isolate the machines from the Internet.

        No different than doing what we should be doing for those Win7’s.  If a business depends on something that has to run on unsupported “fill in the blank” then protect it as best as you can.

        With my deepest respects to all, I feel the tone in this thread is raising up a tad high. Let’s remember that we’re all here to help each other and not to raise our blood pressure.

         

        Susan Bradley Patch Lady

        1 user thanked author for this post.
    • #2396771

      You miss the point. It’s immaterial what Microsoft or anyone else says today about machines that are compatible with Windows 11. What matters is whether there was correct and authoritative information on WIndows 11 hardware requirements that could have been used to inform purchase decisions 2,3 or 4 years ago.

      I didn’t miss the point. That was what Microsoft said about compatible machines seven weeks ago, not today. But I didn’t realize you were expecting notice of requirements years ago.

      I doubt whether Microsoft knew 3 or 4 years ago that there would be a Windows 11.

      Are many computers sold in the last 2 years not compatible with Windows 11?

      You quoted “We’ve worked closely with our OEM and retail partners to bring you powerful Windows 10 PCs today, that will take you into the future with Windows 11”.

      What exactly did you mean if not that you were somehow able to order machines that would prove compatible with Windows 11?

      Are many computers sold in the last 2 years not compatible with Windows 11?

      I’m sure there were, mainly by omitting TPM, but I have no idea how many.

      • #2396789

        Are many computers sold in the last 2 years not compatible with Windows 11?

        I’m sure there were, mainly by omitting TPM, but I have no idea how many.

        TPM 2.0 has been required on new Windows PCs for more than 5 years:

        Since July 28, 2016, all new Windows PCs being manufactured have required TPM 2.0 to be enabled by default. If you’re buying a laptop, desktop, 2-in-1, or any other device that comes with Windows 10 preinstalled, Microsoft requires that the manufacturer include TPM 2.0 and have it enabled.

        Why Does Windows 11 Need TPM 2.0?

        Windows 10 Pro version 21H2 build 19044.1387 + Microsoft 365 (group ASAP)

    • #2396786

      Isolate the machines from the Internet.

      No different than doing what we should be doing for those Win7’s.  If a business depends on something that has to run on unsupported “fill in the blank” then protect it as best as you can.

      With my deepest respects to all, I feel the tone in this thread is raising up a tad high. Let’s remember that we’re all here to help each other and not to raise our blood pressure.

       

      That works so long as access to the internet is not required to get the work done.

    • #2396787

      A four year old computer is starting to have seen way better days.  Microsoft needs to mandate certain hardware for businesses to get more secure. By making it part of Win11 they can draw the line in the sand.

      Four years old is nearly new in the refurb/off-lease marketplace. A corporate-grade PC will very likely run as long as there is electricity and for a great many users be every bit a productive as a brand new machine with enough power to pull tree stumps.

    • #2396791

      Are many computers sold in the last 2 years not compatible with Windows 11?

      I’m sure there were, mainly by omitting TPM, but I have no idea how many.

      TPM 2.0 has been required on new Windows PCs for more than 5 years:

      Since July 28, 2016, all new Windows PCs being manufactured have required TPM 2.0 to be enabled by default. If you’re buying a laptop, desktop, 2-in-1, or any other device that comes with Windows 10 preinstalled, Microsoft requires that the manufacturer include TPM 2.0 and have it enabled.

      Why Does Windows 11 Need TPM 2.0?

      Please cite the source for your quote regarding TPM.

    • #2396793

      This one:

      TPM 2.0 has been required on new Windows PCs for more than 5 years:

      Since July 28, 2016, all new Windows PCs being manufactured have required TPM 2.0 to be enabled by default. If you’re buying a laptop, desktop, 2-in-1, or any other device that comes with Windows 10 preinstalled, Microsoft requires that the manufacturer include TPM 2.0 and have it enabled.

    • #2396797

      That’s still a used computer.  And all of this ransomware is just proving that “corporate grade” isn’t so good anymore.  See my — https://www.computerworld.com/article/3637054/just-who-is-windows-11-for-anyway.html

      How much ransomware is actually taking advantage of hardware shortcomings rather than wet-ware, i.e., human, shortcomings?

      The point is not that Windows 11 on compatible hardware should be more secure than not, particularly if the wet-ware can be upgraded as well.

      • #2396804

        joint_blackmatter_ransomware

        See the above.  For example LSASS credential dumping – credential guard which needs TPM 2.0 would help shut that down.

        This will be a long process, make no mistake. But Windows 11 may be a marketing gimmick to enforce hardware mandates, but that’s the point, it’s there to enforce hardware mandates.

         

        Susan Bradley Patch Lady

        1 user thanked author for this post.
    • #2396810

      Here’s a slightly different view supporting MHCLV941 …

      Like many of you, I’m also system builder. I build machines using high quality components with a focus on stability and endurance (business class). As I look around my home office/test lab, I see 3 full tower desktop systems, 2 file servers, 2 laptops, and 3 smaller workstations.

      I begin the replacement cycle as hardware approaches 8,000 “power on” hours and not because it’s broken or that I want/need the latest and greatest. The oldest hardware I have can browse the Internet and retrieve email just as well as the newest (despite lack of TPM and UEFI/Secure Boot).

      In the past, I’ve generally given retired computers to family, friends, neighbors or donated them to NGOs/NPOs, community/senior centers, etc. I’m sure a lot of you do the same.

      On Oct 14, 2025 (Win 10 EOL), I’ll still have very capable hardware that I would prefer to give-away/donate rather than send to the landfill (or toxic recycling facilities). Some of you will too.

      It will be argued that the hardware is insecure. I’ll argue that in the intended 2nd life, this isn’t a priority. Any functional computers, especially reliable ones, are better than none at all in some use cases. Grandma cares about her sewing group on “the Facebook”, not about VBS. I don’t think she’s worried about state sponsored attacks. Neither is the disadvantaged child down the street and poorly funded community center a few blocks over.

      Prior to Oct 14, 2025, millions of computers will be discarded by both home and business users in preparation for EOL. Sadly, on Oct 14, 2025, millions of people will be left stranded with unsupported hardware that they can’t afford to replace. I call this the “digital divide tsunami”.

      I know I’m painting an ugly picture, but Microsoft provided the paint.

      3 users thanked author for this post.
    • #2396812

      I know I’m painting an ugly picture, but Microsoft provided the paint.

      And the paintbrush, drop cloth and bucket.

      Or folks will continue running Windows 10. I suspect the number of Windows 10 machines that remain in operation long past the 2025 witching hour will far outnumber those that lingered on Windows 7 or XP. That will surely contribute to a more cyber-secure world much more than relaxing the hardware diktats of Windows 11!

      1 user thanked author for this post.
    • #2396824

      Also … let’s talk some more about the refurb/off-lease marketplace. Well, it’s pretty sizeable in my area among seniors who are on fixed incomes. From what I’ve observed, the computers sold to seniors consist of ancient, business class Dell and HP hardware.

      The use case here doesn’t demand performance; fixed income does require cheap. Because of fiscal constraints, seniors won’t replace what they have until some critical component fails that can’t be replaced cheaply or for free by someone who volunteers to help. If it ain’t broke ….

      What happens to these folks in 2025? I support your suspicions.

      1 user thanked author for this post.
      • #2396845

        Case in point, exactly what I have: recycled business class HP hardware built circa 2008 shipped with 64-bit Windows 7 Pro, purchased for a song from eBay in 2015 with the intent of running the free upgrade to Windows 10. Absolutely no reason to upgrade despite what may be on Microsoft’s and the manufacturer’s wish list.

        What to do… I also still have two mothballed self built 32-bit dual processor systems running Windows 2000 Pro that hackers have by now forgotten how to break into that I could fire up. Or maybe I’ll go back and put Windows NT 3.51 on them and see what happens 🙂 Smaller and smaller OS sizes as you go back in time presenting ever smaller attack surfaces. Let’s see, was it about 20 floppies to install Windows 3 on a 20MB disk? Or maybe an Amiga 3000 running BSD 4? There is security in obscurity…  The old becomes new again!

        The local library has an interesting take on security. When they turn their systems on in the morning the specialized boot software replaces the system image from secure storage so nothing survives a reboot. A bit like a virtual machine these days. Yeah, they also use recycled business class HP hardware.

        Oh, BTW, those supply chain issues have yet to run their course–so right now it is very unlikely that there will be any wholesale PC upgrades in the immediate future. And those billion devices Microsoft claims running Windows 10? Are they all PCs? What about TV, appliances, Amazon Echo, self checkout in stores, ATMs, gas station pumps and all other internet facing devices? Oh yeah, default passwords! TPM 2.0, huh? No UEFI! Such a target rich environment… Do we have to replace everything? Or just the most expensive things? I wonder how many script kiddies COVID-19 spawned with no school or jobs to distract them? Or perhaps it is just the declining sales of PCs that Microsoft and the manufacturers are trying to address under the guise of security? What issues is the release of Windows 11 really supposed to address?

        Here is my take on the above discussion. Make the effort to turn on the security you do have in Windows Security’s Device security section related to TPM and UEFI. If the system has a socket but the TPM is missing get one or have it installed when prices return to normal. Don’t sweat Windows 11. It is new, raw and full of defects yet to be discovered. Give it a year for everything to shake out before you go installing it if windows update lets you do so. If you want to play with it, install it by hook or crook somewhere safe and sane and go for it. If you must buy new hardware make sure it is a Chromebook, a Mac, an iPad, or at least 8th gen Intel or AMD running Windows 11 but consider downgrading to Windows 10. Otherwise wait for the 8th gen hardware to show up in the recycled section for a song on eBay 5 years from now. Then just sit back and watch the world spin and the fur fly…

        HP Compaq 6000 Pro SFF PC / Windows 10 Pro / 21H1
        Intel®Core™2 “Wolfdale” E8400 3.0 GHz / 8.00 GB
        2 users thanked author for this post.
    • #2396836

      Carl wrote:

      ” Sadly, on Oct 14, 2025, millions of people will be left stranded with unsupported hardware that they can’t afford to replace. ”

      The same has been said of Windows 7, yet millions of people with older computers continue using Windows 7 and 8.

      When I refurbish an old Core2Duo or early Core I-3 / I-5 PC I give the user an option of continuing with Windows 7 or updating to 10. If they choose Win 7 the PC will be kitted out with Avast Free anti-virus and its accompanying Safe Browser, LastPass password manager, MalwareBytes Free version, and a portable hard drive. They are prompted to connect the portable drive and do regular backups, then unplug it until next time (daily or weekly, their choice). This provides a relatively safe setup for everyday use that most older people can happily use. Another option is the newer Brave browser if the user is seeking a little more privacy on the internet (not much more, but a little).

      3 users thanked author for this post.
    • #2397564

      for all those ‘trash’ computers in 3 or 4 years how about re-marketing them with a Linux distro installed but with the w10 license intact. Most purchasers will not be beholden to MS and her newest apps (ok joke) as they will not be businesses just poorer folk needing a general purpose computer. Of course gamers may find a problem, but let them buy a new computer!

      🍻

      Just because you don't know where you are going doesn't mean any road will get you there.
      • #2397566

        “Lets Go Linux” I won’t post the alternative version 🙂

    • #2397565

      BTW Susan the reason MS pushes w11 to regular users first is because we are the Beta testers 😣

      🍻

      Just because you don't know where you are going doesn't mean any road will get you there.
    • #2397579

      for all those ‘trash’ computers in 3 or 4 years how about re-marketing them with a Linux distro installed but with the w10 license intact. Most purchasers will not be beholden to MS and her newest apps (ok joke) as they will not be businesses just poorer folk needing a general purpose computer. Of course gamers may find a problem, but let them buy a new computer!

      Linux is an option but it is NOT the panacea Linux zealots make it out to be, particularly for the target audience you mention. There are orders of magnitude fewer folks in the world who are even sort of versed in Linux as compared to the number of folks familiar or better with Windows. A computer that one cannot use is worse than no computer at all because it takes up space and uses electricity.

    • #2397629

      There are orders of magnitude fewer folks in the world who are even sort of versed in Linux as compared to the number of folks familiar or better with Windows.

      There are many Linux disros that look-like Windows and will be easy to use just as Windows is. Example Windowsfx

    • #2397634

      There are orders of magnitude fewer folks in the world who are even sort of versed in Linux as compared to the number of folks familiar or better with Windows.

      There are many Linux disros that look-like Windows and will be easy to use just as Windows is. Example Windowsfx

      It’s not just what it looks like. It’s knowing whether the app one wants to use will run on whatever flavor of Linux happens to be on the PC. Knowing whether the printer, scanner, mouse, fax, bar code reader, camera, cell phone, etc., etc., one happens to have or buy will work on that flavor of Linux.

      Linux is a tiny fraction of user desktops precisely because there are so many variants that make getting a machine into a usable place where someone can actually do some work.

    • #2398886

      joint_blackmatter_ransomware

      See the above.  For example LSASS credential dumping – credential guard which needs TPM 2.0 would help shut that down.

      This will be a long process, make no mistake. But Windows 11 may be a marketing gimmick to enforce hardware mandates, but that’s the point, it’s there to enforce hardware mandates.

       

      Indeed it will and I have no issue with requiring NEW computers to jump through all the Windows 11 diktats.

      My problem is Microsoft’s declaring that all computers simply because they are “old” no longer worthy of support and those who own them can replace them or be abandoned on an arbitrary date.

      I’m not suggesting that Microsoft should support Windows 10 “forever”(*). Windows 11 does run on non-compliant hardware. And the great majority of those machines are going to still be productive use after Microsoft’s “drop dead” date. How is ensuring that those machines will be running on unsupported Windows 10 contribute more to the overall state of cybersecurity than those same machines running Windows 11 even without the full array of hardware needed for full Windows 11 compliance?

      (*) That said, Microsoft has again managed to cripple a heretofore very flexible interface for no apparent good reason. In this sense, I do wish Windows 10 would be around forever.

      1 user thanked author for this post.
    Viewing 40 reply threads
    Reply To: A single Registry line enables Windows 11 without TPM 2.0

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.