When Microsoft announced Windows 11 more than three years ago, it was immediately controversial. Not only because of its unconventional interface, but also because of its high hardware requirements, which left many systems unable to run Windows 11 properly, such as TPM and Secure Boot.
Microsoft has repeatedly explained why features like TPM (Trusted Platform Module) 2.0, VBS (Virtualization-based Security), and Secure Boot are important for Windows 11 PCs. Microsoft requires that users' PCs support these features in order to use Windows 11, because of the enhanced security benefits they provide, and has released visual demos to better explain how these features work.
Recently, with the Windows 11 24H2 feature update, Microsoft updated one of the support articles on its official website titled “Automatic Device Encryption via BitLocker”, which Microsoft calls “Auto-DE”. Notably, this document mentions why TPM and Secure Boot are required for Device Encryption.
Below is the content of the supporting document before being edited.
Why is Device Encryption not available?
Here are the steps to determine why Device Encryption might be unavailable:
1. From the Start menu, type System Information, right-click System Information in the results list, and then select Run as administrator.
2. In the System Summary - Item list, look for the value Automatic Device Encryption Support or Device Encryption Support.
- The value provides the reason why Device Encryption cannot be enabled.
- If the value shows Meets prerequisites then Device Encryption is currently available on your device.
And here is the content of the supporting document after it has been edited.
Why is Device Encryption not available?
Here are the steps to determine why Device Encryption might be unavailable:
1. From the Start menu, type System Information, right-click System Information in the results list, and then select Run as administrator.
2. In the System Summary - Item list, look for the value Automatic Device Encryption Support or Device Encryption Support.
The value describes the support status of Device Encryption:
- Meets prerequisites: Device Encryption available on your device
- TPM is not usable: Your device does not have a Trusted Platform Module (TPM), or TPM is not enabled in the BIOS or UEFI.
- WinRE is not configured: Your device does not have Windows Recovery Environment configured.
- PCR7 binding is not supported: Secure Boot is disabled in BIOS/UEFI, or you have peripherals connected to your device during boot (such as a dedicated network interface, docking station, or external graphics card)
The article basically details what those missing “prerequisites” are. They include TPM, WinRE (Windows Recovery Environment), and Secure Boot.
Additionally, Microsoft also mentioned PCR7. PCR, or Platform Configuration Register, is a memory location on the TPM that is used to store hashing algorithms. PCR profile 7, or PCR7, is what BitLocker binds to. This binding ensures that the cryptographic key, in this case the BitLocker key, is only loaded during a certain time during the boot process, not before or after.
This is where Secure Boot comes into play as it verifies and authenticates the required Microsoft Windows PCA 2011 certificate during boot, as an invalid signature will result in BitLocker using profiles other than 7.
The resurgence of interest in BitLocker and encryption on Windows 11 24H2 came about recently when the Redmond giant unexpectedly lowered the OEM requirements for Auto-DE on the latest version of Windows, so that even home PCs can be automatically encrypted. Shortly after, the company also released a handy backup and recovery guide for BitLocker keys.
Not long ago, Microsoft also reaffirmed TPM 2.0 as a non-negotiable standard on its operating systems.
At the Qualcomm Snapdragon Summit on October 22, Microsoft announced a series of improvements coming to Windows PCs that will improve the overall experience for musicians, music producers, and other audio professionals.
It's no surprise that Microsoft wants Windows 10 users to upgrade to Windows 11.
Microsoft is currently having difficulty converting users to new products and services.
The year 2023 saw Microsoft betting heavily on artificial intelligence and its partnership with OpenAI to make Copilot a reality.
Similar to other app store platforms, Microsoft Store has its own evaluation criteria for apps on the platform by category.
In mid-2024, there were rumors that Microsoft was developing two new apps called People and File Search for Windows 11.
There are many reasons why Microsoft collects your data: From wanting to optimize the user experience, to customization, to selling it to third parties.
Modern versions of Windows still contain a lot of old code, and Microsoft generally tries to hide outdated parts, like the Control Panel, in favor of more modern components. However, there are some interesting exceptions.
Today, Microsoft officially launched another version of the Windows 11 operating system.
This will be the first price increase for Microsoft 365 Personal and Home subscriptions since Microsoft launched the Office 365 service 12 years ago.
After a long period of “living on the sidelines,” the Windows Mail, Calendar, and People apps are slowly approaching the end of their lifecycles. Microsoft recently updated its official documentation to clarify that the aforementioned apps will be completely retired on December 31, 2024.
Shortly after the official launch of Windows 11 version 24H2 last month, Microsoft acknowledged an unexpected issue with the Voicemeeter app.
Windows 11's only major update - version 24H2 - was released on October 1 and included quite a few new features.
If you can't get customers to choose your product voluntarily, make your product look almost like your competitors.
Microsoft is focusing on improving Copilot's referencing capabilities in Office documents. With the latest update, Word users can reference more data when creating, reviewing, and finalizing Word documents.
28 new Windows 11 shortcuts in addition to familiar Win 11 shortcuts will help you work faster and more efficiently.
How to restore the Sleep option on the Power Menu, please refer to the article below of WebTech360.
At the Qualcomm Snapdragon Summit on October 22, Microsoft announced a series of improvements coming to Windows PCs that will improve the overall experience for musicians, music producers, and other audio professionals.
Previously, Adobe Fresco only supported devices with touchscreens and styluses.
Do you see a red circle with a white cross to the left of your files, folders, or Windows drives? If so, it means OneDrive is out of sync and the folders affected by this issue are not syncing properly.
Turning off background applications on Windows 10 will help your computer run less sluggishly and save system resources. The following article by WebTech360 will guide readers on how to turn off background applications on Windows 10.
If you only use your mouse for common tasks, it is not necessary to enable mouse acceleration. Here are instructions for turning off mouse acceleration in Windows 11.
File Pilot is a lightweight, clean, and feature-rich file manager that outperforms the Windows default tool in every way.
In this series of articles we will introduce you to how to customize the default user profile in Windows 7.
Ransomware Protection is a useful feature that comes with Windows 11 to help secure users' devices against Ransomware attacks.
When your Windows PC has problems booting, Advanced Boot Options can help you figure out what's wrong.
Windows 10 is well supported. Software and hardware compatibility issues are rare. On the other hand, there have been major compatibility issues with Windows 11.
A quick and effective solution is to identify and delete large, space-consuming files that are hiding on your computer.
Like other Windows operating systems, Windows 11 still contains software and components that make the machine heavy.
If you want to review weather information, show the weather widget again on the Windows 10 Taskbar, follow the instructions below.
