Microsoft has published a blog post, trying to dispel some of the confusion around Windows 11’s system requirements. First and foremost, the company makes it clear that TPM 2.0 and 8th generation Intel and 2nd generation Ryzen are hard floors. Microsoft adds that based on the feedback during Windows 11’s testing process, support for 7th generation Intel and 1st generation Ryzen processors might be added.
Using the principles above, we are confident that devices running on Intel 8th generation processors and AMD Zen 2 as well as Qualcomm 7 and 8 Series will meet our principles around security and reliability and minimum system requirements for Windows 11. As we release to Windows Insiders and partner with our OEMs, we will test to identify devices running on Intel 7th generation and AMD Zen 1 that may meet our principles.
There are ways around these hard floors, through registry hacks and custom Windows 11 ISOs, but updates might break those, and who knows if Microsoft will plug those holes.
There were also workarounds for required Microsoft accounts on recent Windows 10 installs.
But each iteration has made it worse. Even on machines where I only had local accounts, and used the internal reset option to clean up Windows, it almost forced me to use an online account during the reinstall process.
Same with “recovery questions”, which I could not find a workaround (except of course mashing the keyboard for random strings).
I am pretty sure, any workaround that is available today, will soon be patched in the 2022H1 or whatever the naming convention of Windows 11 will be.
I have TPM 1.2 and that is good enough for lazy logging on with full disc encryption to stop any opportunist snooping and that’s all I need it for. Yes I know about the theoretical hacks and exploits but I doubt anyone who might steal a laptop when my back is turned is going to go to those lengths to snoop on my data. It’s just not going to happen. The big joke is people who have TPM 2.0. Most have firmware versions not hardware like what I have and they had it switched off!
I’ve dusted off my Linux Mint 16GB USB stick and pleased to discover Rufus can set things up so it has a huge partition for persistence. I used Cinnamon before but am currently installing and updating Mate on this just to see what the experience is like. This is a precursor to re-installing Linux Mint on my computers. This is what happens when Microsoft try and send my perfectly usable and more than adequate hardware to the scrapheap. I don’t care about Microsoft’s security and reliability policy. I’m simply not spending the money to keep them or Intel happy.
Pushing Linux Mint is nice and all, but if it was so easy Desktop Linux would have acquired significant market share during the Summer of Worms or during the Vista era (which quadrupled RAM requirements). Most people will either find a workaround or pony up and buy new systems so that they can keep using Windows.
At this point, Microsoft is turning into a bad Apple copycat: “We just removed secdrv.sys and now all of your game CDs and DVDs are useless (unless you sail the high seas to download an unofficial NoCD/NoDVD patch), pointlessly breaking backwards compatibility makes us part of the cool kids, tee hee…”. “We will block upgrades for your Windows 8.1-era computer because we feel like imposing an arbitrary TPM 2.0 requirement and an arbitrary processor whitelist, cool kids only care about newer hardware, yay!”.
Well… it was good while it lasted. In this era of Android, iOS and MacOS, you didn’t really expect Windows to keep providing upgrades for old hardware at the expense of new hardware sales for much longer, right?
PS: Yes, removing secdrv.sys is a case of Microsoft pointlessly breaking backwards compatibility. The minority of people who will enable it to run old games are not a worthy malware target. Windows 8.1 still has it as an option to enable it and guess what, there are no security incidents reported. It’s just not worth exploiting. And it can only be exploited by local software anyway, and if you run untrusted software willy-nilly on Windows you have bigger concerns.
I agree with the general thrust of your comment, but I wonder if you’re right in saying that most folks “will either find a workaround or pony up and buy new systems so that they can keep using Windows.” Most people in rich countries, perhaps. But there are pretty large bits of the world where it’s quite normal for people to hang on to the same computers for a decade or more until they actually stop working. Microsoft has made a lot of progress in getting people outside the rich world to use licensed and up-to-date versions of Windows, and this decision seems wrong-headed.
It’s not just in poorer bits of the world. My own Windows machine has a Haswell processor – an i7-4700HQ. It does everything I need it to perfectly well, including video editing. I’m not going to upgrade a perfectly functional machine just in order to run Windows 11. I’m not claiming that my views represent the majority – I’m mainly a Linux user, so I’m obviously not typical. Nevertheless, I suspect there’s a non-trivial set of users who’ll take the line I do.
I suspect there’s a non-trivial set of users that do what I do – never upgrade the OS (and then get annoyed when they buy a new machine that comes with the new/different version of Windows because they have to get used to a pointlessly different and typically worse UI, on top of the unavoidable annoyances of a new machine – installing apps, setting up preferences, trying to remember passwords for online stuff you haven’t needed for 5 years, etc).
I suspect Win11 will be the same – no new features that anyone cares about (a pain in the neck “different” UI, the ability to run Andriod apps that are awful on a full “screen+keyboard” PC and worse than the “designed for desktop” apps you’ve been using for years, and a new more efficient way for games to load assets/textures into GPU that might or might not improve load times if you ever find a game that actually supports it) and no valid reason to bother with the hassle of upgrading the OS.
In poor countries, users will either find a workaround or they will keep using old Windows versions past the end-of-support date. It’s what happened with Windows XP.
kurkosdr,
You’re probably right, but I don’t think it was just poor countries. As Brendan suggested I think a lot of people just don’t want it. With windows 10 microsoft put a lot of effort and even resorted to dubious methods to coerce users into upgrading. It remains to be seen how successful to win 11 upgrade path will be.
I think microsoft may ultimately try to have it both ways: threaten large swaths of customers to not provide users with an upgrade path (so that MS can get the $$$ from new windows licenses on new hardware). Then once the users who are willing to buy new hardware have done so, then MS may start reverting to a policy that gets the lagging masses off of windows 10 and onto windows 11.
I find it hilarious people complaining about Microsoft trying to bring the minimum requirements into the 21st century, and people bitching and moaning as if they have a god given right to run W11 on decades old hardware.
Win10 will be around for a lot longer, and no doubt updates will continue beyond 2025. Are you still going to be complaining you canโt run W12 on a crusty Althon XP by then as well?
Desktop Linux sucks, and will always continue to suck except for basic use cases. Don’t get me wrong, for basic Internet browsing it’s fine, but gaming, all manner of USB, bluetooth peripherals etc. I have better things to do with my time than pray it works.
@JohnSmith10
You realize that they aren’t decades old hardware. This is hardware that is 4 or years old.
Desktop Linux is fine for gaming and pretty much every day use for just about everything. Only thing I’d say it does poorly on is specialized use cases (like music production and video), but even those are seeing a lot of improvements.
Also, I can still run the latest Linux on a Pentium III, and probably even older.
Even machines sold today typically don’t come with TPM enabled, because it is a misfeature designed to protect the machine against its owner
@HollyB, I did exactly the same on some old laptops when Win 8.1 / 10 first came out as I initially found Win 8.1 / 10 too unresponsive on some old hardware. So I switched to Linux Mint Mate on those machines as it gave the users a nice Windows like experience. Over time MS sorted out the bugs in Win 10 and I’ve since retrospectively setup Win 10 and left Linux Mint Mate as a dual boot on several machines.
However, some users never went back to Windows and other users seeing Mate for the first time decided they wanted to switch so we now have a whole plethora of users running Linux Mint Mate instead of Win 10. Of course we can’t do this for all users, but those that can and have are very happy. I suppose I’m lucky I’ve only dozens and not hundreds or thousands of Linux machines to support. The biggest loser in all this has been Apple, only one machine left running MacOS left!
Welp. ReactOS is coming on in leaps and bounds. They’ve been making a lot of progress the last couple of months. Got even more reason to push it further forwards now!
I will consider it once it gets out of 0.x.x. A recent video of it on Linus Tech Tips didn’t really inspire confidence either.
Sun used to have their WABi project and attempted to make Win32 an ISO standard which Microsoft wriggled out of. With older OS out of support they are pretty much locked. I don’t see why Linux couldn’t have a system where it wrapped a Windows install with Wine as a fallback. What is stopping ReactOS doing similar where it can front Windows OS and fill in the blanks in the background as they go along?
Windows 11 mandating WDM 2.0 is another way of making sure old OS don’t work with new hardware.
It’s not hard to spin up a VM, it’s worth giving it a go yourself.
In FOSS land, 0.x versions aren’t exactly uncommon and often have little connection to the quality of the software.
But yeah, ROS has a long way to go yet. It’s just in the last couple of months specifically they’ve solved a number of deep bugs, as well as made breakthroughs in Win64 land, which have paid off with greater driver and app compatibility.
Not to the level of being a useable everyday driver, but it’s an astonishing jump for just a few months. I’m enjoying the burst of activity they’re seeing and hoping that the Windows 11 situation will result in more devs and funds for ROS, and hence even more progress.
The video was deadly accurate. I could hardly contain my laughter during it. Yeah there are demos you can do that inspire confidence and fill you with hope, but using it outside of the guidelines and you experience a world of hurt.
I love it all the same. I love all os’s and this is trying to do the most difficult thing of all with extremely limited resources. I give everyone who’s worked on it a lot of credit, and they should feel good at what they’ve been able to accomplish. But I don’t think its fair to them to hype it up as something that will be ready to replace windows today or tomorrow or five years. It is what it is, and thats ok.
Even the developers think of it as more for academic purposes than a realistic goal. I don’t really see it making the necessary progress quickly enough without something like a bitcoin millionaire taking interest.
No. No it is not. Stop misleading people, it will not ever be a good replacement for anyone who needs a stable reliable windows machine.
And it appears that Windows 11 isn’t likely to be a good replacement for a stable reliable windows machine either, thanks in part to arbitrary hardware cutoff edicts.
Oh and never say never. Absolutes are a great way to be wrong.
Or you know… you could just continue using your current copy of Windows 10.
I’m sure Thom will be ranting in a year or two about how everyone holding onto windows 10 needs to let go of the past and move onto a modern OS ๐
Regardless, if Windows 10 support ends entirely in 2025, and plenty of hardware is being sold right now without support for windows 11 (as currently indicated – I can go buy new hardware with TPM 1.2 still today), then you’re going to see companies and organizations having to replace entire fleets of hardware in 2023 and 2024 that’s perfectly useable and not even that old, just because MS put an arbitrary and unnecessary requirements in place.
The fundamental problem with ReactOS is that it can be described as a race where a slower runner is chasing a faster race leader – they can’t catch up (and if they did they won’t know which direction they need to go without having the race leader in front of them to follow). This is why they recommend using hardware from 20 years ago (their support for XP’s drivers is much better than support for more recent drivers).
@Brendan
Actually this is inaccurate. They aren’t attempting to catch up, they’re targeting compatibility with up to XP/2003 for now. I’m guessing once they get to that point, they’ll target something later. (at least I thought I read that somewhere. Was going to try to find the source of that comment, but can’t seem to at the moment…)
Either way, I think they realize that chasing the latest version is futile, and they’ve set a certain level for what they want to hit for 1.0. ReactOS has been in development for a VERY long time… (since 1996 according to Wikipedia)
Do you think “not trying to catch up” makes “can’t catch up” less accurate? I think the opposite (“not trying to catch up” is merely proof that “can’t catch up” is accurate).
Note that recently they have been trying to add/improve support for more modern stuff (e.g. 64-bit 80×86); so I’d suggest the “targeting compatibility with up to XP/2003 for now” is not accurate – e.g. “focusing on compatibility with up to XP/2003, while targeting much more” is more accurate.
XP/2003 were the first x64 releases of Windows, so it’s still consistent, but yeah they are maintaining baseline win32 compatibility with newer OSes too.
Thing is tho, there’s a lot of XP/2003 still in modern windows. Achieving parity with xp/2003 means you’ve also done most of the work required to clone Win10/2019 already.
What is the purpose of requiring TPM, are they going to enforce disk encryption?
It’s security theater. Apple makes security and privacy a front and center issue, and Microsoft has been the butt of security and privacy jokes since the early days of Windows. Windows 10 is much, much better than past versions on the security front, but far worse on the privacy side. With Windows 11 and its hard TPM 2.0 requirement, Microsoft can say “hey look, we do care about your privacy and security!” It’s just theater though; they still slurp up as much data as possible on your system unless you blacklist their ever-growing list of IP ranges and domains.
Another likely reason for the new requirement is convincing government agencies (especially at the federal level) to get on board with upgrades. I worked in government for nearly 20 years before “retiring” into a retail IT position, and in my experience they will run out the clock on extended support before even considering a move to the next major release. When I last worked for a government office in 2017, they were still on Windows 7 and were negotiating an expensive support contract with Microsoft to be able to use it past the EOL in 2020.
I think you are extremely naive when it comes to Apple, you are right about Microsoft, but remember everything bad with MS is 10 times worse with Apple.
I didn’t say Apple was actually more secure or private, just that they make it a major part of their sales pitch. Microsoft is finally catching on that they need to do the same to hold their market share.
You mean Microsoft needs to be more dishonest about security? Perhaps, though I would prefer if they didnt’ take that route.
Carewolf,
I think the security theater that Morgan is referring to is more about misdirection than dishonesty per say. Although now that I think about it, there may be a blurry line between the two because there are those who continually lie about the corporate motives for taking away owner keys to their own machines.
@Carewolf: Again you twist my words, why do you insist on doing that? Do you not have a valid point to make without doing so? I didn’t say what you said I did, I am just pointing out that Microsoft has finally caught on to Apple’s security theater game and is playing catch-up.
Let’s face it, for most office-type work, often even an 8 or 9 year old machine is perfectly useable these days still.
On one hand MS has their O365 revenue stream and forced upgrade model these days, and on the other they have Windows where they still have to support customers on Windows 7/2008r2 for free for major bugs.
With the slowdown in PC sales (ignoring the recent bump thanks to the health crisis) and the lack of uptake of windows-as-a-service, MS also needs *something* to drive PC (and hence Windows) sales (or push companies to their Azure virtual desktop offering).
The TPM 2.0 and recent processor stuff lets them do that with a plausible excuse.
Vendor lockin. Copying Apple by making silly random requirements that does nothing put make it harder to run alternatives
It gives Microsoft a common security architecture baseline for the OS. They’re moving everything there: Windows, Xbox, and Windows Server.
It simplifies their code base, eliminates some common vectors of entry. It’s basically them just trying to reduce some of the headaches at the expense of old systems being left out in the cold.
Luke McCarthy,
It’s not really about disk encryption, which is just one application of the technology. Users could already employ that with or without TPM if they wanted to. I believe microsoft’s interest lies entirely with “remote attestation”.
https://tpm2-software.github.io/tpm2-tss/getting-started/2019/12/18/Remote-Attestation.html
It’s a means of securing x86 computer OS/software environments, which may be put to different ends. For example it can provide a company with (relatively) strong assurances that their computers have not been moded against their will. Such uses are not controversial as long as the owner has explicit control over the process and can use their access to authorize their own changes to their own computers.
But it can also be turned into a weapon if the entity holding & controlling the keys is not the owner. For example if microsoft’s intention is to start locking down windows computers in the same way that IOS does, then without robust TPM & remote attestation owners would inevitably be able to mod their computers against appl\b\b\b\b microsoft’s wishes.
So there are both good pro-consumer and bad anti-consumer uses for TPM. We don’t yet have all the facts about windows 11, but it seems rather unlikely to me that microsoft would force this arbitrarily on owners if they didn’t have a selfish reason to do it. Both microsoft and apple have shown interest in taking keys away from owners and I suspect this could end up being another step in that direction.
It was confirmed about 3-4 days ago already, prior to the other post in here about the “confusion” over hardware requirements.
It all now comes down to legacy OS support policy. With majority of HW on the market left in the dark MS will have to shift to back-porting like crazy to maintain an acceptable experience (at least for the developers) . If they fail to do that and new dev features will only show up in WIN11 then MS is massively shooting themselves in the foot.
Combined with Mac breakup with X86 and associated headaches (which might have triggered MS to believe they can get away with “unpopular” decisions themselves) this might be indeed the best window of opportunity since Vista, Linux has had with pro enterprise developers to convince their superiors it’s time for Linux workstation in the company. Any serious Linux company should track these developments very closely.
Won’t happen. Here is what will happen: everybody will buy new parts and stay with Windows.
Great, sounds like I don’t have to bother with Win11 then. Just hope they don’t try to install it or keep bugging you to install it on machines that aren’t compatible. You know like Apple does every time they drop hardware support ๐
Has anything been said or confirmed about running it in a VM?
It seems to run just fine in VMWare from my experience.
–As we release to Windows Insiders and partner with our OEMs, we will test to identify devices running on Intel 7th generation and AMD Zen 1 that may meet our principles. —
The way I read this is very blunt if you OEM has not or will not update your devices firmware to counter spectre you are screwed on AMD Zen1 or Intel 7th..
https://www.theverge.com/2018/1/11/16880922/amd-spectre-firmware-updates-ryzen-epyc
Lot of people are not ware that Intel 7th and AMD Zen1 have firmware update as a option to fix these problem. Of course anyone with systems before Intel 7th and AMD Zen1 are going to be security screwed for sure. Yes the insider work around is make the software run not make the software secure there is a difference.
https://download.microsoft.com/download/7/8/8/788bf5ab-0751-4928-a22c-dffdc23c27f2/Minimum%20Hardware%20Requirements%20for%20Windows%2011.pdf
Please not the TPM requirement is truly double standards.
–A UEFI firmware option to turn off the TPM is not required. Upon approval from Microsoft, OEM systems for special purpose commercial systems, custom order, and customer systems with a custom image are not required to ship with a TPM support enabled.–
Yes as a OEM if you go and kiss the Microsoft magic ring you can get permission to make a new system missing TPM 2.0 completely. This brings a big question of Windows 11 really does not need TPM 2.0 to in fact function why is it forced. Also here no option to turn of TPM can also equal no option to reset the TPM either.
I see the TPM 2.0 requirement is Microsoft being a con artist who wants TPM 2.0 for copy protection or something else. Yes do note terms of Windows 11 custom image installers by the customer by Microsoft own install instructions is valid to turn TPM support off completely. TPM 2.0 requirement by Microsoft own documents is optional for those upgrading. Just those upgrading may have to make a custom install image so TPM support is off.
Yes the instructions to ‘bypass Windows 11 TPM 2.0 requirement’ are in fact covered by the Microsoft min hardware requirements pdf for windows 11 as a valid option so since its covered in the hardware instructions that a customer custom image install can TPM support disables missing TPM hardware should not be a problem with windows updates because the state of no TPM is covered in the Minimum hardware requirements for Windows 11. Of course saying the stock install media will not work with TPM disabled that is another issue.
Please note Microsoft could choose if they were useful to provide a Windows 11 TPM free custom install image for those with existing hardware that don’t have TPM 2.0 support or for some reason don’t want to turn it on like having having a motherboard who CMOS reset equals TPM off. Instead Microsoft is pushing that TPM 2.0 is a hard limit that by their own document its not really a hard limit at all just a software one that Microsoft does not want to provide a easy work around to.
Oh here we go. Microsoft to grow its legal department by 20% in response to global regulatory action. I wonder why that is!
https://slashdot.org/story/21/06/29/1755216/microsoft-to-grow-legal-team-amid-global-tech-regulation
The company I work for is no MS hater but no way will they will replace the current computer inventory just to upgrade to windows 11. The vast majority of our computers do not have TPM 2.0. Windows 10 will be supported till 2015 so it will be a few years till we need to worry about upgrading and by then the normal churn of hardware failure and replacement will take care of the problem.
kepta,
Seems like that would make windows 10 obsolete right from the start ๐
On a serious note, in my experience most PC hardware lasts long past the software it is bundled with. In the past when microsoft was charging for OS upgrades, long term support was sustainable and they didn’t have any major incentives to kill off older hardware. A sale was a sale. But now that they’re saying upgrades are free for existing users, they’ve actually created an incentive to kill off existing hardware in order to make owners buy new licenses.
Honestly I don’t see a very compelling technical reason for microsoft to impose new TPM requirements given that most users are already content with their existing systems. I think if we follow the money, it strongly suggests that the microsoft is aligning itself with apple’s business model of dropping long term hardware support in order to increase new sales. It’s unclear if this is just a one time thing, or if they’re going to commit to a planned obsolescence strategy every few years when they need more OS sales. It has the potential to be quite regressive for PC owners who have been accustomed to exceptionally good longevity.
Although as a linux user, I’m not affected by it. We face different kinds of problems, like being forced to buy windows licenses that we don’t use…ugh. I wish governments would outlaw this practice!
I don’t see a compelling reason either, for our industry there is no real reason to use disk encryption to start with. I also agree that it’s an odious practice, MS has long annoyed me in my career, I’ve been burned by ill documented changes and the constant audits that we always pass but take a ton of labor are insufferable. This is just more fuel to my dislike of them.
My organization has an older computer inventory anyway, we are in the trades and computers are regularly destroyed on job sites so our hardware tends to be old/cheap and replaced often with any vital data saved on cloud services. We go through computers much quicker then a typical organization.
Personally I use Linux as well these days and also dislike the practice of paying for licenses I won’t use. Next time I need to replace a laptop I was thinking of system76 or an equivalent that does not do this from my understanding.