Microsoft shows in practice why TPM 2.0 is mandatory in Windows 11

Microsoft has repeatedly insisted on the need to use the Trusted Platform Module (TPM) 2.0 as a basic security requirement to run Windows 10, but a lot of people never quite understood the purpose of it. To try to reinforce the reason for this requirement, the company has now practically demonstrated the difference between a computer with all the recommendations and one without.

  • Microsoft explains why TPM 2.0 is mandatory to use Windows 11
  • Error prevents compatible PCs from upgrading to Windows 11; know what to do
  • It is risky to install Windows 10 on a non-compatible PC?

    Microsoft’s Director of Corporate Security and Operating System, David Weston, highlighted which is the fundamental role of these requirements as a way to ensure a safe experience for everyone on Windows 11. This is not exactly new, as the company has talked about the requirement a few times, but never as explicitly as it is now.

    TPM 2.0 guarantees the security of keys, certificates and other protection data (Image : Playback/Microsoft Mechanics)

    In the video, you can see how a A criminal can take advantage of the loopholes to gain access to vulnerable machines, both locally and remotely, which would enable the use of ransomware techniques or theft of user identification credentials. In the first part, it is possible to see the successful exploitation of a vulnerability from the RDP (Open Remote Desktop Protocol) port, with obtaining administrator access and the possibility to perform virtually all control of a Windows PC 11 no TPM and no Secure Boot enabled.

    Want to catch up on the best tech news of the day? Go and subscribe to our new youtube channel, Canaltech News. Every day a summary of the main news from the tech world for you!

    The expert still demonstrates the exploration of a failure of the fingerprint authentication process on a machine without VBS (Virtualization-based Security). In this case, it was possible to gain access to memory on the vulnerable system and modify the biometric authentication code to allow skipping the verification step, something that would allow access by any individual and even with the “digital” of one

    gummy bear.

    Check it out the full video:

    Source: Microsoft Mechanics

    Did you like this article?

    Subscribe your email on Canaltech to receive daily updates with the latest news from the world of technology.

    660

  • Related Articles

    Check Also
    Close
    Back to top button