CataclysmZA
Executive Member
Download the Windows 11 PC Checkup App here: https://aka.ms/GetPCHealthCheckApp
Microsoft system compatibility requirements (which the tool uses to make its checks):
Compatibility for Windows 11- Compatibility Cookbook
Learn how to enable your apps are compatible for Windows 11
docs.microsoft.com
Of course, the tool is completely pointless and a bit ****. This one is much better:
Release 2.0.1 - Day 1 Patch · rcmaehl/WhyNotWin11
THIS RELEASE IS OUT OF DATE. CHECK https://github.com/rcmaehl/WhyNotWin11/releases/latest 2.0.1 comes with the following changes: Patches Boot Check failing for UEFI And the following 2.0.0 chan...
UPDATE:
Microsoft has now edited all their documentation to mandate a hard line requirement of TPM 2.0 and only support for CPUs on these lists:
Intel: https://docs.microsoft.com/en-us/wi...pported/windows-11-supported-intel-processors
AMD: https://docs.microsoft.com/en-us/wi...supported/windows-11-supported-amd-processors
There are new minimum hardware requirements for Windows 11. In order to run Windows 11, devices must meet the hardware specifications. Devices that do not meet the hardware requirements cannot be upgraded to Windows 11.
- Processor: 1 gigahertz (GHz) or faster with 2 or more cores on a compatible 64-bit processor or System on a Chip (SoC)
- RAM: 4 gigabyte (GB)
- Storage: 64 GB or larger storage device
- System firmware: Trusted Platform Module (TPM) version 2.0
- Graphics card: Compatible with DirectX 12 or later with WDDM 2.0 driver
- S mode is only supported on Home edition of Windows 11. If you are running a different edition of Windows in S mode, you will need to first switch out of S mode prior to upgrading.
Here's how to interpret these requirements:
The requirements are a dual-core chip at 1GHz, 4GB RAM, 64GB free storage, and some kind of TPM 2.0 support, whether that's a proper module, fTPM (AMD), or PTT (Intel). The latter two are firmware-based and held on the CPU.
If your device conforms to everything but does not have any TPM 2.0 functionality whatsoever (hardware or firmware), it won't install. That applies to devices older than 2013 that missed the TPM 2.0 boat. Workarounds exist, but they may not persist between upgrades. You might get two years of running time before having to perform a clean install to do the workaround again.
While fTPM and PTT have been around for a while, motherboard vendors need to expose the option in BIOS updates. So it's entirely possible to have a machine that would meet all the requirements, but would need a firmware update to the board or a motherboard swap to one that had vendor support for fTPM or PTT enabled.
Some motherboard and OEM vendors may have completely abandoned functional hardware, or broken TPM functionality (this happened to Intel's NUC family a while back). But that's just the start. Your BIOS needs to have UEFI and Secure Boot. That sets the start of support to at least products from 2013 at minimum.
Next, you need to disable CSM, and your drive has to be formatted with a GUID partition table. Plenty of guides out there show how you can convert an MBR install to GUID/GPT. No need for a reformat in this case.
You then need to satisfy the GPU requirements - Windows needs a GPU (real or virtual) that supports WDDM 2.0 (and Shader Model 6.0 support if you want to use DirectStorage). That's OK. Support for that extends back to 2013 PCs.
If your GPU can't boot in UEFI mode, you need to upgrade.
So the question remains: Why TPM 2.0? Why the cut-off points?
Well, if you delve into the documentation on BitLocker, it's staring you right in the face.
BitLocker drive encryption in Windows 11 for OEMs
OEMs can configure hardware to support Windows 11 automatic device encryption.
docs.microsoft.com
BitLocker automatic device encryption is enabled when:
- The device contains a TPM (Trusted Platform Module), either TPM 1.2 or TPM 2.0.
- UEFI Secure Boot is enabled. See Secure Boot for more information.
- Platform Secure Boot is enabled
- Direct memory access (DMA) protection is enabled
The following tests must pass before Windows 10 will enable Automatic BitLocker device encryption. If you want to create hardware that supports this capability, you must verify that your device passes these tests.
- TPM: Device must include a TPM with PCR 7 support.
- Secure boot: UEFI Secure Boot is enabled.
- Modern Standby requirements or HSTI validation. This requirement is met by one of the following:
  - Modern Standby requirements are implemented. These include requirements for UEFI Secure Boot and protection from unauthorized DMA.
  - Starting with Windows 10, version 1703, this requirement can be met through HSTI test:
    - Platform Secure Boot self-test (or additional self-tests as configured in the registry) must be reported by HSTI as implemented and passed.
    - Excluding Thunderbolt, HSTI must report no non-allowed DMA busses.
    - If Thunderbolt is present, HSTI must report that Thunderbolt is configured securely (security level must be SL1 – “User Authorization” or higher).
Now it makes sense why my machine isn't supported according to the checker. My Core i5-7200 missed the HSTI boat and does not support connected standby.
What does this mean? Well, devices that meet all those requirements, whether they are OEM or user-built, will automatically enable full disk encryption using BitLocker after the OOBE is complete. If you sign into a Microsoft account on a machine that supports all this, it will use those credentials to automatically encrypt the drive.
Microsoft's Director of OS Security hints as much in this tweet, and the documentation he's created about TPM levels and features that are supported:
This is likely why Windows 11 Home won't sign in without you setting up a Microsoft account. Microsoft might be using Intune/Autopilot to configure every Windows 11 device that isn't on a corporate network with a default BitLocker setup.
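Added example, not part of the original post and not code from Microsoft or WhyNotWin11: a read-only PowerShell report of the TPM, Secure Boot, partition-style and BitLocker state the post walks through, run from an elevated prompt. The function name `Get-Win11Readiness` and the output field names are made up here; it does not check the supported-CPU lists, HSTI or Modern Standby, and it assumes the 64 GB storage figure is decimal gigabytes.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the post): read-only report, changes nothing on the system.
# Thresholds are the ones quoted in the post: 2 cores, 1 GHz, 4 GB RAM, 64 GB storage, TPM 2.0.
function Get-Win11Readiness {
    $cpu      = Get-CimInstance Win32_Processor | Select-Object -First 1
    $ramGB    = (Get-CimInstance Win32_PhysicalMemory | Measure-Object Capacity -Sum).Sum / 1GB
    $bootDisk = Get-Disk | Where-Object IsBoot | Select-Object -First 1
    $diskGB   = $bootDisk.Size / 1e9          # assumption: "64 GB" means decimal gigabytes

    # Win32_Tpm returns nothing when firmware exposes no TPM (discrete module, fTPM or PTT).
    $tpm = Get-CimInstance -Namespace 'root\cimv2\Security\MicrosoftTpm' `
                           -ClassName Win32_Tpm -ErrorAction SilentlyContinue
    # SpecVersion looks like "2.0, 0, 1.38"; the first field is the TPM version.
    $tpmVersion = if ($tpm) { ($tpm.SpecVersion -split ',')[0].Trim() } else { 'none' }

    # Confirm-SecureBootUEFI returns $true/$false on UEFI and throws on legacy BIOS/CSM boots.
    try   { $secureBoot = if (Confirm-SecureBootUEFI -ErrorAction Stop) { 'On' } else { 'Off' } }
    catch { $secureBoot = 'Unavailable (legacy/CSM boot or unsupported firmware)' }

    # The BitLocker cmdlets may be missing on some editions, so a failure is reported, not fatal.
    try   { $osVolume = (Get-BitLockerVolume -MountPoint $env:SystemDrive -ErrorAction Stop).ProtectionStatus }
    catch { $osVolume = 'Unknown (BitLocker cmdlets unavailable)' }

    [pscustomobject]@{
        CpuCores           = $cpu.NumberOfCores
        CpuMaxMHz          = $cpu.MaxClockSpeed
        RamGB              = [math]::Round($ramGB, 1)
        BootDiskGB         = [math]::Round($diskGB)
        PartitionStyle     = "$($bootDisk.PartitionStyle)"   # GPT is needed once CSM is disabled
        TpmSpecVersion     = $tpmVersion
        TpmEnabled         = [bool]($tpm -and $tpm.IsEnabled_InitialValue)
        SecureBoot         = $secureBoot
        OsVolumeProtection = "$osVolume"
        # Supported-CPU list, HSTI and Modern Standby are NOT evaluated here.
        MeetsListedMinimums = ($cpu.NumberOfCores -ge 2 -and $cpu.MaxClockSpeed -ge 1000 -and
                               $ramGB -ge 4 -and $diskGB -ge 64 -and
                               $tpmVersion -eq '2.0' -and $secureBoot -eq 'On' -and
                               "$($bootDisk.PartitionStyle)" -eq 'GPT')
    }
}

Get-Win11Readiness | Format-List
```

A `TpmSpecVersion` of `none` on a recent board usually means fTPM/PTT is switched off in firmware rather than absent, which matches the BIOS-option point made in the post.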

