Monday, August 30th 2021

Microsoft to Ban Unsupported Machines from Windows 11 Updates

With pre-release builds of Microsoft's upcoming operating system, Windows 11, doing rounds, the PC enthusiast community has developed various workarounds to the system requirement of a hardware trusted-platform module 2.0 (TPM 2.0) for the operating system. Microsoft itself also suggested that those on older machines (without TPMs), who cannot upgrade from Windows 10 to Windows 11, have the option of performing a clean-installation of the new operating system using its ISO installer disk image.

These machines, however, will be treated as "unsupported," will not have access to Windows Update, and may potentially be barred from receiving important security updates. Microsoft recommends, however, that those who don't meet the system requirements of Windows 11 remain on Windows 10. The company plans to maintain support for Windows 10 up to October 14, 2025, which means four more years of security updates for the older operating system. The choice, hence, would be between upgrading hardware to meet Windows 11 requirements, or to remain on Windows 10 until Q4-2025.
Source: HotHardware
Add your own comment

125 Comments on Microsoft to Ban Unsupported Machines from Windows 11 Updates

#101
R-T-B
lexluthermiesterOk, what are you confused about
How we got from my comment about TPM being used for DRM, to whatever point this is we are aparently trying to make.
Posted on Reply
#102
Shrek
I wonder if TPM 1.2 will be enough
Posted on Reply
#103
lexluthermiester
Andy ShiekhI wonder if TPM 1.2 will be enough
That is what microsoft defined as the "hard floor" for TPM.
Posted on Reply
#104
ValenOne
lexluthermiesterThat's not exactly what TPM was designed for, but you're right, I don't see any reason why it can't be adapted.

If that were true, an attacker could easily disable TPM & SecureBoot, boot a USB drive, alter or steal data from the host drive, reboot and reenable the TPM & SecureBoot and act like it's not there. This would work because the keys in the TPM module were not replaced. And if we were talking about TPM 1.x it would work flawlessly. However, with TPM2.0 the dynamic changes...

...and here it is. YOUR use-case-scenario is NOT what microsoft is doing.

Don't believe me? Install Windows 11 on a compliant system with everything enabled. Then, without changing any settings, try to boot a EBD like Hirens. When that fails, disable SecureBoot and try again. Let's see what happens when you get into the WinPE desktop... Yeah, have fun!


Stop being childish.
It's Secure Boot, TPM, and Bitlocker with TCG/Opal V2.0/IEEE1667 chain. Having just Secure Boot and TPM wouldn't complete the data security for corporate use.
Posted on Reply
#105
ThrashZone
simlifeare you ok with cyber crime higher t hen its eever been to be on super super old tech... also why win 7 not 8 or 10 like billions have done if you have a flip phone then i understand why 2009 tech otherwise huh??,,
Hi,
lol yeah I use win-7 daily on a few machines and the sky has not fallen and the world hasn't ended as so many have said it will :laugh:
I'm not even using this updates crack either I see no more updates as a long deserved holiday from MS trying to break win-7 every month lol

7 ESU Bypass
Posted on Reply
#106
Unregistered
windwhirlYou can choose to enable Bitlocker or not, you're not forced to use it.
Thanks!
Posted on Edit | Reply
#108
GrumpyOtaku
Good side of this is their system might stop trying to send MSWin11 updates to my MSWin10 Tech Preview test machine.

I looked through my systems, and NONE of them are supported under MSW11. My work laptop could, but that runs Linux as is right and proper.

So MSW10 is supported up through late 2025? Fedora 42 should be even more kick-ass by then, so you won't need MSWin anymore.
Posted on Reply
#109
chrcoluk
Am I the only one thinking some people will be looking for ways to emulate not having a TPM so they are released from forced updates?
Posted on Reply
#110
windwhirl
chrcolukAm I the only one thinking some people will be looking for ways to emulate not having a TPM so they are released from forced updates?
It's already happening, probably :laugh:
Posted on Reply
#111
ThrashZone
Razrback16Thanks!
Hi,
Ran into this yesterday to make sure
Turn off crap bitlocker features in 11

fsutil behavior set disableencryption 1
cipher /d /s:C:\
reg add "HKLM\Software\Policies\Microsoft\Windows\EnhancedStorageDevices" /v "TCGSecurityActivationDisabled" /t REG_DWORD /d "1" /f
sc config BDESVC start= disabled
sc config "EFS" start= disabled
Posted on Reply
#112
lexluthermiester
chrcolukAm I the only one thinking some people will be looking for ways to emulate not having a TPM so they are released from forced updates?
There will be many other reasons for bypassing the limitations..
Posted on Reply
#113
micropage7
i guess that's the reason my pentium laptop with 12gb ram not got updated and crappy i3 with 4gb got update
Posted on Reply
#114
ThrashZone
chrcolukAm I the only one thinking some people will be looking for ways to emulate not having a TPM so they are released from forced updates?
Hi,
Using Virtual machine with hyper-v or kvm there is already a emulator for uefi & tpm that I've read
Kind of a lame way to use an os to me though.
Posted on Reply
#115
Ernest1ca
Microsoft, you make us a favour. By being naughty, you push us to use alternative OS-es, hence you losing than you gaining. Bravo! User-friendly attitude.
Posted on Reply
#116
DrCR
Ernest1caMicrosoft, you make us a favour. By being naughty, you push us to use alternative OS-es, hence you losing than you gaining. Bravo! User-friendly attitude.
Way back when, my experience with WinME was a major factor in me getting into Linux.
Posted on Reply
#117
lexluthermiester
DrCRWay back when, my experience with WinME was a major factor in me getting into Linux.
Really? I found Windows ME was great after being dialed in and properly configured, which was MUCH easier than dialing in Linux at that point in time..
I find your lack of "Win" disturbing. :laugh:
Posted on Reply
#118
DrCR
lexluthermiesterReally? I found Windows ME was great after being dialed in and properly configured, which was MUCH easier than dialing in Linux at that point in time..
I find your lack of "Win" disturbing. :laugh:
I used WinME as a daily driver on my non-work machines for quite a number of years. iirc I used it until AMD Venice and WinXP, so for about 5 years I guess. Got to know it like the back of my hand e.g. what routes would make it predictably crash and what routes would be fine. It was actually my OS of choice, instead of Win98 SE, for my GF4 AGP + V5 5500 PCI legacy gaming box, just because I'm so familiar with it. What I enjoyed with Slackware 9 back then when I started tinkering with it vs WinOSes (desktop admin professionally during that time) was that I never had to worry about SW deciding to throw a wrench in my dialed in setup (which is also why I tend to like a distro like Slackware vs other more bleeding edge distros for my boring daily driving). And Linux simply caught my interest as something else to learn since WinOSes were my expertise professionally. Eventually I got to the point where I am now that setting up and maintaining a good Win 10/11 Ent config to my personal standard doesn't provide interest and utility sufficient for me to bother outside of a professional capcacity. I'll likely unlazy though and put Win 11 Ent on a personal machine once I do a new build in 2022-2023. Maybe. Sounds like a bus man's holiday.
Posted on Reply
#119
lexluthermiester
DrCRI used WinME as a daily driver on my non-work machines for quite a number of years. iirc I used it until AMD Venice and WinXP, so for about 5 years I guess. Got to know it like the back of my hand e.g. what routes would make it predictably crash and what routes would be fine. It was actually my OS of choice, instead of Win98 SE, for my GF4 AGP + V5 5500 PCI legacy gaming box, just because I'm so familiar with it. What I enjoyed with Slackware 9 back then when I started tinkering with it vs WinOSes (desktop admin professionally during that time) was that I never had to worry about SW deciding to throw a wrench in my dialed in setup (which is also why I tend to like a distro like Slackware vs other more bleeding edge distros for my boring daily driving). And Linux simply caught my interest as something else to learn since WinOSes were my expertise professionally. Eventually I got to the point where I am now that setting up and maintaining a good Win 10/11 Ent config to my personal standard doesn't provide interest and utility sufficient for me to bother outside of a professional capcacity. I'll likely unlazy though and put Win 11 Ent on a personal machine once I do a new build in 2022-2023. Maybe. Sounds like a bus man's holiday.
That's fair. I was also a Windows ME user for many years until XP SP2 was released. At that point XP was more stable and better. Never had problems with WinME like seemingly everyone else had. But then again, I disabled or deleted things that caused instabilities and used alternatives, which may have been why.
Posted on Reply
#120
ValenOne
Andy ShiekhI wonder if TPM 1.2 will be enough
I installed Windows 11 on Intel Ivybridge Core i7-3770K based PC without TPM.
Posted on Reply
#121
Shrek
rvalenciaI installed Windows 11 on Intel Ivybridge Core i7-3770K based PC without TPM.
Without needing any tricks?
Posted on Reply
#122
ValenOne
Andy ShiekhWithout needing any tricks?
Delete the C:\$WINDOWS.~BT\Sources's "appraiserres.dll" method.
Posted on Reply
Add your own comment
Dec 23rd, 2024 05:20 EST change timezone

New Forum Posts

Popular Reviews

Controversial News Posts