View original (French)

Windows 11 + Update Issues - TPM 2.0

Solved
KundunCAN Posted messages 5 Status Membre -  
KundunCAN Posted messages 5 Status Membre -

Hello everyone,

I have a PC that I built in 2016-2017, and it still works very well today. Two years ago, I had to replace my Windows 10 with Windows 11 (I had lost the DVD containing my Windows 10 license). So, I bought a new license, but I didn't realize that it would cause so many problems because of Microsoft's restrictions, particularly with the infamous TPM 2.0.

Since it was impossible for me to install Windows 11 due to these limitations, I went to a computer repair technician who forced the installation to bypass the checks.

However, this summer, Microsoft blocked updates for PCs using workarounds, and I now find myself without any new updates for my Windows 11.

My setup is still very capable, and I would like to wait until next fall before investing in a new PC. I have always built my PCs to last, spending the necessary money. (Basically, I don’t have the savings to change it right now..)

I’ve heard that it is possible to add a TPM 2.0 module to certain motherboards. ( https://www.amazon.ca/Asus-TPM-M-R2-0-14-1-Module/dp/B01DQQLH74 ) I would like to know if it is feasible with my motherboard and, more importantly, if it would resolve the situation with Windows 11 or if my processor (6th generation) would still be a problem regardless.

Here is my current configuration:

  • Motherboard: Asus Z170-A ATX LGA1151 Z170 Skylake
  • Processor: Intel Core i7-6700K (LGA1151, 6th generation Skylake)
  • Graphics card: Asus GeForce GTX 970 Strix OC

My questions:

  1. Is it possible to add a TPM 2.0 module to my Asus Z170-A motherboard?
  2. If so, would it resolve the problem with Windows 11 updates, and would Microsoft recognize my hardware as "compatible"?
  3. Would my processor (i7-6700K) remain a hindrance to being fully compliant with Windows 11 requirements?

Thank you in advance for your help and advice!

5 réponses

Réponse 1 / 5
flo88 Posted messages 28659 Registration date   Status Contributeur Last intervention   Ambassadeur 5 158
 

Hello

Your processor is not natively compatible with W11. You need to bypass the security measures to install it on a PC like yours.

The answers to your questions about TPM 2.0 are here: https://forums.commentcamarche.net/forum/affich-38132740-microsoft-module-de-securite-tpm-2-0#dernier

Additional modules are specific to each motherboard manufacturer, rarely work, and are mostly unavailable anyway.
2
Réponse 2 / 5
Winux
 

You need to know how to use a BIOS, even in advanced mode, and be willing to take the risk of updating it as well.

I'm not talking about antivirus; I don't even have one personally. Windows Defender works very well. After that, it's a matter of vigilance. Third-party antivirus, even paid ones, significantly slow down the system and can act as legitimate spyware for the brand in question if you don't configure the privacy settings correctly. Antivirus is like antibiotics; it's not automatic. Some methods bypass them, and when I talk about security regarding TPM, the best thing is to learn that this function allows you to store passwords safely with better encryption to prevent brute-force attacks.

Your processor is not recent enough for the protocol requirements that Microsoft demands for Windows 11, but it will always be better secured than Windows 10, especially since, as you mentioned, the latter will no longer benefit from feature updates, but also from fixing security vulnerabilities.

Windows 11 native > Windows 11 in compatibility mode for old hardware > Windows 10

In terms of security
1
KundunCAN Posted messages 5 Status Membre 1
 

No, I assure you, I really did everything right before asking questions here. The BIOS is up to date (last update from 2018), and I'm using GPT 4 and forums to guide me in the BIOS. From what I've read, the PTT option is not directly accessible in the BIOS for certain motherboards, including mine: https://www.reddit.com/r/ASUS/comments/owbuf3/how_to_enable_intel_ptt_on_asus_z170a_motherboard/?tl=en

Ok, I understand, but if I no longer have access to security updates for Windows 11, Windows Defender may not be enough to properly protect me in the coming months? In any case, that's what I've read on several websites, for people without updates on Windows 10 and 11, to have a good antivirus, that's why I'm asking the question. The only thing I want is to be sure I can continue using Windows 11 on this PC until next summer without any security issues. I use it for work, I have quite a bit of important data on it.

Ok, thanks, so now I understand. The problem is my sixth-generation processor. It would work with a seventh-generation processor or higher. So it's not a problem with my motherboard, which would have the PTT that Windows 11 requires.

So even if the PTT was enabled, since the processor is not compatible, it would be the same issue with Windows 11.

Thank you for your answers.



0
flo88 Posted messages 28659 Registration date   Status Contributeur Last intervention   5 158 > KundunCAN Posted messages 5 Status Membre
 

Well, I'm going to add my two cents; the PTT parameter of Intel motherboard BIOS serves to validate the instruction set implemented in a processor that has TPM 2.0 emulation.

This is not the case with your processor, so you are right @KundunCAN StatutMembre, you don't have this parameter in your BIOS, that's normal.

However, you can force the installation of W11 starting from your current W10 installation even if your PC is not officially compatible by following the instructions in my message here: https://forums.commentcamarche.net/forum/affich-38117466-w11-sur-pc-non-compatible#5

This forces the upgrade to W11, you won't lose your software, but back up your data beforehand, you never know.

2
Réponse 3 / 5
KundunCAN Posted messages 5 Status Membre 1
 

Hello here,

Just to close this topic, with the help of GPT4 and English-speaking forums, I was able to solve my problem; I successfully upgraded to the latest version of Windows 11 24h2 using the Rufus method and the Windows 11 ISO copy. It's actually quite simple to do.

For anyone who comes across this topic, here’s the procedure to follow:

Here’s a detailed summary of the method using Rufus to perform an in-place upgrade of a Windows 11 PC not officially compatible to a newer version (e.g. 24H2):

1. Prepare the PC

  1. Backup your data
    • Always recommended before a major update.
  2. Check available disk space (about 20 Go or more on the system partition).
  3. Plug in the computer (if it’s a laptop) to avoid any power cut.

2. Download the ISO and Rufus

  1. Download the ISO of Windows 11 (latest version)

    • On the official Microsoft page: https://www.microsoft.com/fr-fr/software-download/windows11

  2. Download Rufus

    • https://rufus.ie/fr/
    • Select the latest version (or the portable version, depending on your preference).

3. Create the “unlocked” USB drive with Rufus

  1. Launch Rufus and plug in a USB drive (minimum 8 Go).
  2. Device: Select the USB drive.
  3. Boot type: Choose the previously downloaded Windows 11 ISO.
  4. Image option: “Standard Windows installation”.
  5. Partition scheme: GPT (if UEFI) or MBR (if older BIOS).
    • Usually GPT + “UEFI (non-CSM)” works for modern motherboards.
  6. Click on “Start”.
    • Rufus will display a “Windows User Experience” window.
    • Check:
      • “Remove the requirement for 4Go+ of RAM, Secure Boot and TPM 2.0”
      • “Remove the need to use an online Microsoft user account” (optional, but often practical)
    • Uncheck (or leave unchecked) anything unnecessary (e.g. “Create a local account...” if you are doing an upgrade, etc.).
  7. Let Rufus copy the ISO and finalize the drive. The status will turn to “READY” when it is finished.

4. Launch the in-place upgrade from Windows

  1. Do not restart the PC to boot from the USB drive.
  2. On the contrary, open the File Explorer in Windows.
  3. Double-click on the USB drive (drive letter, e.g. E: or K:).
  4. Locate the file setup.exe and double-click to start the assistant.

5. Installation assistant: important steps

  1. Search for updates or not:
    • It is often recommended to click on “Not now” to avoid re-downloading compatibility checks.
  2. Accept the license agreement.
  3. Select “Keep my files and apps”
    • If offered. This is crucial to keep your data and software.
  4. Let the installation proceed
    • The computer will restart several times.

6. Finalization

  1. Wait for Windows to complete the upgrade.
  2. Reconnect to your usual account.
  3. Check the installed version:
    • Windows + Rwinver → Enter
    • You should see the new version (e.g. 24H2 or other) with a more recent build number.
  4. Take a look in Settings → Windows Update to install any updates.
1
Réponse 4 / 5
Winux
 

Hello,

You may be great at building a PC, but you have some gaps in software and firmware.

First of all, for Windows 11, the Windows 10 license is sufficient as it is linked to the hardware.

Next, it would be good to find out the method your technician used to upgrade to 11, registry or CMD command?

Generally, creating the registry file for compatibility mode should be enough to perform the upgrades, I believe.

Moreover, the module is unnecessary; everything needed is on motherboards from that era. We're talking about fTPM for AMD and PTT for Intel, which serve as TPM2. The modules are there for physical protections, to enable or disable the module for access, I believe.

In any case, the compatibility mode required for your processor that is not natively compatible with 11 does not need TPM; although if you can, for security reasons, I recommend activating it.
0
KundunCAN Posted messages 5 Status Membre 1
 

Thank you for your response.

I made a big summary, of course I know that I could have reinstalled Windows directly without using a DVD. However, at that time, I had bought a new SSD and wanted to do a clean installation on it. I know that it is also possible to do it without a DVD on a new SSD, but I preferred to take the simplest and fastest route. As a result, I bought a license for Windows 11 without thinking too much... but I should have looked into the issues related to TPM 2.0 more.

Since then, I have moved to Ottawa, and the technician who forced the installation of Windows 11 on my PC is in Toronto. I just bought a new SSD, and I could reinstall Windows 11 myself on it if necessary.

So, the ASUS Z170-A also doesn't have PTT, at least I don't see it in the BIOS. From what I read online, it might be a hidden option and there could be a way to access it with a hack... what a hassle...

So if I manage to activate the PTT on my motherboard, will Windows 11 work normally? The 6th generation processor won't hinder the proper functioning of Windows 11?

From what I read, it is possible to add the TPM 2.0 module to the ASUS Z170-A... so the question I am asking myself is, would this method be the simplest way to get Windows 11 to work?

Thank you

0
Winux > KundunCAN Posted messages 5 Status Membre
 

You didn’t take the time to read.

I said that your processor is not compatible, and therefore it is not necessary to enable TPM except for security reasons.

PTT is an abbreviation, and like all BIOS options, it may be named differently, anyway, you need to look for it or be used to it.

0
KundunCAN Posted messages 5 Status Membre 1 > Winux
 

Thank you, but I took the time to read and reread, and your message was not clear to me.

I did look thoroughly, and on English forums, PTT is a hidden option in the BIOS of my motherboard. I therefore do not have access to it in the native BIOS.

So if I understand correctly, even if PTT were enabled on my motherboard, the fact that the processor is from the 6th generation means that it is the processor that would block it and not the motherboard for the latest major update of Windows 11 to be able to take place?

If that's the case... is there a significant risk in continuing with Windows 11 on this PC, in terms of security until next summer/fall? I have Bitdefender (antivirus plus)..

Microsoft is really putting everyone in a bind with Windows 10 no longer being updated and Windows 11 blocking configurations even though they are perfectly robust. My setup is far more powerful than many PC and laptop configurations costing $1000 nowadays.

0
casimir > KundunCAN Posted messages 5 Status Membre
 

Hello

But since we’re telling you that everyone installs 11 without installing those tpm2 things when they’re missing, and which won’t work on your CPU like with everyone who has it. Half of the people have too old PCs, that’s all.

They’re sticking with win 10 as long as it works.

https://www.malekal.com/installer-mint-dual-boot-windows-2/

Latest stable version Xfce Edition (requires few resources)

https://www.linuxmint.com/edition.php?id=317

https://chromeos.google/intl/fr_fr/products/chromeos-flex/

Lots of people also disable secure boot because it suits them...

If everyone changes their PC next year, they would all have subscriptions to lease the software, it’s not hard to understand, half of them still don’t want to throw away their PCs.

And there are already sites that have opened up, to use new online programs with old PCs.

1
Réponse 5 / 5
Winux
 

In my case, on a 6th gen Intel CPU of my laptop, I upgraded from Win 10 22h2 to 11 23h2 using the magic cmd command, then since it no longer worked with that command for version 24h2, I created the necessary registry key that has existed since the very beginning of Windows 11 for upgrade, and it worked, I went to 24h2 and I had enabled PTT from the very beginning with Windows 10 Pro for BitLocker, because in case of moving, I don't want my laptop's data to be stolen along with it.

Unfortunately, you cannot upgrade on an 8th gen CPU with the old platform that is only compatible with 6th and 7th gen Intel.

You really need to educate yourself better on cybersecurity, I have the impression that you are confusing everything, you don't seem to know that an antivirus alone is useless without an updated firewall to address security vulnerabilities.

Edit: there is a tremendous amount to learn in cybersecurity, a simple software widely used by the general public, which is not updated through a network vulnerability, or is impersonated via copies is potentially a threat, even if there is a 0.5% chance of it happening.

Or local network attacks via Wi-Fi, or illegal IPTV can contain malicious code and infect most devices on the network for spying, and I haven't even mentioned the risks related to the lack of privacy and the increasingly realistic phishing attempts to ensnare even vigilant individuals.
0