Microsoft has pulled a “PC health check” application for Windows 11 from circulation after it told far too many people they wouldn’t be able to upgrade — without telling them why in any useful detail.
IT admins watching the furore would be forgiven for sweating, as Microsoft apologised for the “confusion”, edited its guidance on hardware requirements for the incoming Operating System and admitted it is still working with OEMs to see if devices running on Intel 7th generation and AMD Zen 1 chips would “meet its principles.”
For a recap, The Verge’s Tom Warren has a good overview of the issue here.
It boils down to Microsoft requiring (as it highlights in an updated June 28 blog) hardware that can “enable protections like Windows Hello, Device Encryption, virtualization-based security (VBS), hypervisor-protected code integrity (HVCI) and Secure Boot.” This has, Microsoft suggested, in a line since deleted from its blog, ruled out computers “running on Intel 6th generation and AMD pre-Zen.”
|Supported AMD Processors||Supported Intel Processors||Supported Qualcomm Processors|
See also: Intel delays production of Sapphire Rapids, its highest performance, next-gen Xeon data center chip
Although the Windows 11 PC health check up was belatedly updated to provide more details on why hardware requirements were not being met when a Windows 11 install failed, by June 28 Microsoft had seen enough bugs — and senior staffers on Twitter clearly played help desk enough — for them to temporarily pull it.
The updated June 28 blog also confirmed that Windows 11 will require TPM 2.0, much to the chagrin of some users. With admins and users used to shoehorning the latest Windows into most hardware, the move — intended, Microsoft said, to improve security — looks set to leave hundreds of millions of computers particularly in emerging markets unable to support Windows 11; no doubt much to the delight of OEMs eying a flurry of sales. (Windows 10 is supported to 2025, fear not: although there will no doubt be no shortage of users incable of rolling back an update.)
Want to check if TPM Version 2.0 is enabled on your PC? Hit WIN + R to open Run. Then type tpm.msc and press enter.
Microsoft’s head of OS security Dave Weston pointed in a series of Tweets to the need to “shift left” on security: “PCs of the future need this modern hardware root-of-trust to help protect from both common and sophisticated attacks like ransomware and more sophisticated attacks from nation-states,” Weston says. “Requiring the TPM 2.0 elevates the standard for hardware security by requiring that built-in root-of-trust.”
Microsoft said June 28 the app “was not fully prepared to share the level of detail or accuracy you expected from us on why a Windows 10 PC doesn’t meet upgrade requirements” and in a post intended to “acknowledge and clarify the confusion caused by our PC Health Check tool” said it would be back in time for Windows 11 GA.
The application itself was something of a canary in the Windows 11 mine, with numerous users finding that — unexpectedly — their computer was not able to upgrade: “We are confident that devices running on Intel 8th generation processors and AMD Zen 2 as well as Qualcomm 7 and 8 Series will meet our principles around security and reliability and minimum system requirements for Windows 11” Microsoft said.
“As we release to Windows Insiders and partner with our OEMs, we will test to identify devices running on Intel 7th generation and AMD Zen 1 that may meet our principles. We’re committed to sharing updates with you on the results of our testing over time, as well as sharing additional technical blogs…”
Those with machines using chips like the Intel i7-4790 meanwhile which doesn’t support TPM 2.0 might need to hold onto Windows 10 for now, or rebuild their systems. And a scan of early experiences by those taking Windows 11 for a spin suggests there are a lot of bugs left to iron out. Those managing large fleets of machines will no doubt be watching carefully. Microsoft’s guidance for you is below.