News Microsoft: You Can't Get Around Windows 11 Requirements

[cdred]

I can understand if I had a 10-15 year old computer like my Phenom 2 1100t Black edition but my x399 Taichi 1920x Threadripper with secure boot enabled and TPM 2.0 enabled, GTX 1080 SC, 64gb 3600 DDR4 memory and 3 m.2 ssd's don't qualify? STUPID!!!! I can luckily upgrade my CPU to a 2920x but I have a problem when it's just a arbituary cutoff. If your system meets the requirements, then you should be allowed to upgrade no matter the CPU you have. My Threadripper don't qualify but an Atom processor does sounds really dumb to me.

 

[cdred]

Upgrade to a Zen 2 or Zen 3 cpu and you are good both will be much faster than the 2700X. And you can do it next year prices will be lower.



What would be the point of doing this?

The problem with that is the Zen 1 Threadripper meets the secure boot and TPM requirements but do not qualify like the 7th gen Intels don't qualify but also meets the requirements. It is just a randomly created cutoff.

 

[germz1986]

I can understand if I had a 10-15 year old computer like my Phenom 2 1100t Black edition but my x399 Taichi 1920x Threadripper with secure boot enabled and TPM 2.0 enabled, GTX 1080 SC, 64gb 3600 DDR4 memory and 3 m.2 ssd's don't qualify? STUPID!!!! I can luckily upgrade my CPU to a 2920x but I have a problem when it's just a arbituary cutoff. If your system meets the requirements, then you should be allowed to upgrade no matter the CPU you have. My Threadripper don't qualify but an Atom processor does sounds really dumb to me.

I have 11 booting just fine from a clean install on a x4 955 880g main board. Your 1100t will do just fine.

 

[revodo]

Yeah, Windows 11 is going to be the new Vista. It looks pretty, but has absolute garbage compatibility. Literally the same issue Vista had.

 

[Makaveli]

The problem with that is the Zen 1 Threadripper meets the secure boot and TPM requirements but do not qualify like the 7th gen Intels don't qualify but also meets the requirements. It is just a randomly created cutoff.

That guy I wrote that response to is on an AM4 platform.

And the same applies on that socket if you are still on Gen 1 Threadripper upgrade to Gen 2 and you are good to go.

 

[TJ Hooker]

For everyone freaking out over CPU requirements, keep in mind that the supported processor list for the first Win10 release lists nothing older than Broadwell CPUs (and given that those were basically OEM/mobile only, that's basically nothing older than Skylake for self-builds). That means that CPUs that came out as little as a year or two earlier (Haswell/refresh) weren't officially supported by Win10. That didn't up being the case in practice though. Hopefully the same applies when Win11 is released. If not you can keep using Win10 until 2025, with the CPU you're using being at least 8 years old by then, at which point I don't think it unreasonable to get a new one if you want to move to Win11. And, as others have mentioned, Linux is an option as well if you want to keep your old systems running an OS that is still receiving updates.

 

[germz1986]

I'll post a screen shot tomorrow when I get back into the office. I got 11 to do a clean install on a core 2 Dell all in one.

 

[USAFRet]

I agree it's a SCAM just to get people to buy new PCs, as if they don't have enough money already, the 11 in windows 11 is two middle fingers to all their customers.

Except for the insignificant numbers of Surface devices, what "PCs" does Microsoft sell?

 

[martinch]

If not you can keep using Win10 until 2025, with the CPU you're using being at least 8 years old by then, at which point I don't think it unreasonable to get a new one if you want to move to Win11.

Most PCs are just used for web browsing/SOHO tasks, for which a Sandy Bridge PC is actually more than adequate. Encouraging people to upgrade their hardware when there is no clear performance or functional need not only places an un-due financial burden on people/companies (not all of whom have lots of money), but also creates a lot of unnecessary environmental waste. As an example, my relatives until recently had an i3-4330 running Linux Mint - performance was more than adequate for web browsing and writing letters (the only reason they don't have it now is the motherboard failed). My home PC is an i7-4790K, and for my uses, I have absolutely no reason to upgrade. We have i7-2600's in the mix of PCs at work - they're more than adequate for what they're being used for (after being given SSDs).

Except for the insignificant numbers of Surface devices, what "PCs" does Microsoft sell?

I think the inference is that if people buy a new PC, it has a Windows licence for which Microsoft receives a fee..?

 

[USAFRet]

I think the inference is that if people buy a new PC, it has a Windows licence for which Microsoft receives a fee..?

Windows 11 has nothing to do with that.

People don't buy a new PC just because there is a new version of Windows.

 

[germz1986]

So I got Win 11 to install on a Core 2 machine. Clean install on bare metal. Core 2 Quad 8200. Nvidia 9200. On a Dell all in one. 4gb ram. 320gb mech drive..... its slow. However it does boot, runs fine. Haven't had a crash, and all the drivers except one installed right out of the box.
https://ibb.co/FqkP9kM

These "hard" requirements aren't so set in stone. While I don't have anything older in the shop to test on, as long as the cpu has SSE2? and the computer has a reasonable amount of ram it should just work for the most part.

 

[lsatenstein]

Individual PC Builders are left in the dust as Microsoft doubles down on its Windows 11 minimum requirements, a move that favors OEMs.

Microsoft: You Can't Get Around Windows 11 Requirements : Read more

TPMs are great for security. However, TPMs have not been tested in the wild, just in controlled use as a storehouse for encryption keys or licenses And there is no reason why an attacker will not be able to lock up the TPM. TPM design allows for lockups after 3 false access codes. So, a hacker will just provide the false hacker codes until the tpm disable's itself.
Generally, a TPM that is disabled, must be restored to factory defaults, and then it must be initialized with a new access code. Thereafter the TPM can be loaded with the keys it previously stored. Because the TPM is on the motherboard, the TPM is definitely insecure.
Beware. Bricking a TPM may also be accompanied by bricking the Motherboard bios.

 

[TJ Hooker]

TPMs are great for security. However, TPMs have not been tested in the wild, just in controlled use as a storehouse for encryption keys or licenses And there is no reason why an attacker will not be able to lock up the TPM. TPM design allows for lockups after 3 false access codes. So, a hacker will just provide the false hacker codes until the tpm disable's itself.
Generally, a TPM that is disabled, must be restored to factory defaults, and then it must be initialized with a new access code. Thereafter the TPM can be loaded with the keys it previously stored. Because the TPM is on the motherboard, the TPM is definitely insecure.
Beware. Bricking a TPM may also be accompanied by bricking the Motherboard bios.

I don't know about bricking the PC/motherboard, but tampering with the TPM could certainly wipe any encrypted drives, assuming the keys were stored in the TPM and you didn't make a backup. I don't know how easy that would be to do remotely though, and I'm not sure what the motivation would be for the attacker.

TPMs have been around for years (original spec is from 2009), so I'm not sure it's fair to say they "have not been tested in the wild".

 

[mdd1963]

You don't actually need secure boot to be enabled according to the specs so that being a requirement is extremely arbitrary. TPM they haven't explained the use of, but okay I could see it no real problem here. Arbitrarily cutting off CPUs which support both secure boot and TPM 2.0 without an explanation is by far the worst part of this debacle. I have a 6900k system which supports secure boot and has a TPM 2.0, but for no disclosed reason this isn't good enough.

Your CPU starts with only a 6, so is clearly insufficient, despite it's 8 cores/16 threads HEDT origins! Perhaps you can find an i3-8100 owner to even -trade with?

 

[TerryLaze]

Your CPU starts with only a 6, so is clearly insufficient, despite it's 8 cores/16 threads HEDT origins! Perhaps you can find an i3-8100 owner to even -trade with?

All these thing are about guaranteeing the user an as safe as possible environment, not about being able to run the OS or not.
(or as controlled as possible depending on how cynical you are)

 

[Colif]

Until it checks again at every semi-annual update.

win 11 could use the TPM for logon purposes, I already know enterprise users won't get passwords, but PIN which are secured by the TPM. So Windows Hello and PIN can use it now. So it its used for logon, having the function might be used way more often then every 6 months.

Lots of doom and gloom in this thread.

 

[USAFRet]

win 11 could use the TPM for logon purposes, I already know enterprise users won't get passwords, but PIN which are secured by the TPM. So Windows Hello and PIN can use it now. So it its used for logon, having the function might be used way more often then every 6 months.

Lots of doom and gloom in this thread.

But but...I can get a hack routine from CrackMyRegistry from that guy on utube!!!
The guy on reddit told me so!

 

[Colif]

its just another thing MS will be fighting people over, like auto updates in win 10. Just as people work out a way to stop them, MS adjusts and they have to start again. It will happen. This thread and others are proof its just another theatre of war.

Win 12 would also likely have TPM in it, its just in 5 years time when its released more people will have tpm enabled PC and the push back won't exist as WIn 12 looks different to 11. Its the same thing that has repeated over the years. Push back at features but by next version its not a big deal anymore.

 

[USAFRet]

its just another thing MS will be fighting people over, like auto updates in win 10. Just as people work out a way to stop them, MS adjusts and they have to start again. It will happen. This thread and others are proof its just another theatre of war.

Win 12 would also likely have TPM in it, its just in 5 years time when its released more people will have tpm enabled PC and the push back won't exist as WIn 12 looks different to 11. Its the same thing that has repeated over the years. Push back at features but by next version its not a big deal anymore.

By the time Win 10 falls off support, any system not TPM capable will be 8+ years old.

Now...8 years is not particularly 'old'. However...8 years old not being able to run the NewShiny is NOT unusual.
Win 10 is/was an aberration.

 

[Colif]

It is strange 10 covered so much, guess it let them stop supporting 7 & 8 but they got way more than that as 7 was an upgrade for win vista/XP machines and you know, TPM might suck but they have to stop supporting everything at some stage. You can run 10 on almost anything that has drivers and hardware makers must want that to stop at some stage as they need people to buy new stuff too.

The Bios issue for newer PC that are actually able to upgrade needs to be addressed. I don't know how you let people know before they waste money. Obviously tech sites should know (I say should but I have my doubts) to tell users but that requires them to ask.

 

[USAFRet]

You can run 10 on almost anything that has drivers

Discussion - What's the oldest and/or cheesiest system you have Win 10 installed on?

Mine is a 2009 era Toshiba Satellite L305-S5955 Celeron 900, 2.2GHz, 2GB RAM, 250GB HDD. The only upgrade from stock was a warranty replacement of the original 160GB HDD to the current 250GB. Currently v1903, Build 18362.295 https://www.cnet.com/products/toshiba-satellite-l305-s5955/specs/...

forums.tomshardware.com

 

[randomizer]

win 11 could use the TPM for logon purposes, I already know enterprise users won't get passwords, but PIN which are secured by the TPM

My company would be in breach of its contracts if it didn't have passwords that get changed every 6 months.

 

[smogfactory]

TPMs are great for security. However, TPMs have not been tested in the wild, just in controlled use as a storehouse for encryption keys or licenses And there is no reason why an attacker will not be able to lock up the TPM. TPM design allows for lockups after 3 false access codes. So, a hacker will just provide the false hacker codes until the tpm disable's itself.
Generally, a TPM that is disabled, must be restored to factory defaults, and then it must be initialized with a new access code. Thereafter the TPM can be loaded with the keys it previously stored. Because the TPM is on the motherboard, the TPM is definitely insecure.
Beware. Bricking a TPM may also be accompanied by bricking the Motherboard bios.

TPMs's have been in wide spread use for over a decade now, just about every enterprise on the planet uses them so not sure how you can say they have not been tested in the wild. how many hundreds of millions in use and how many decades do you require before you say they are tested?

 

[drtweak]

Lack of due diligence there. Sounds like managers and higher ups doing this instead of actual technical people.



I find this interesting and maybe it was the build I was using. But I couldn't load bulid 22000.51 in a VM without secure boot being on install would always fail. Maybe that has been changed in the newer builds.

Some people are cheap, while some software is just ridiculously expensive. I do the best with what I can do.

 

[Co BIY]

People don't buy a new PC just because there is a new version of Windows.

I think a lot of people do and will.

Just like a lot of people get a new car when the model is revamped and theirs looks old now.