Why Windows 11's TPM 2.0 Requirements Could Spell Doom For Virtual Machines

Windows 11 Virtual Machine
For some, Microsoft's insistence that PCs be equipped with Trusted Platform Module (TPM) 2.0 support is irritating, especially since the company has done a poor job explaining why it is suddenly such a big deal. Installing a virtual machine (VM) won't necessarily escape the requirement, either. As users in the Windows Insider program have discovered, the latest preview build in the beta channel—version 22000.194—enforces the TPM 2.0 requirement.

Applying the latest cumulative update in Windows 11 bumps the OS up to the latest preview build. Up to this point, VMs have been able to test Insider builds without issue related to the TPM 2.0 requirement. But hey, today is a new day, and this was always bound to happen. Still, it is catching some users off guard, who are now being told their PCs can't run Windows 11...while running Windows 11.

"This build includes a change that aligns the enforcement of the Windows 11 system requirements on virtual machines to be the same as it is for physical PCs. Previously created VMs running Insider preview builds may not update to the latest preview builds," Microsoft explains.

What does this mean? In this case, your actual hardware is irrelevant, because even if your system supports TPM 2.0 and it is enabled in your BIOS, it still has to be a feature of your VM. This is not something that is widely implemented, at least not for free.

Microsoft's own Hyper-V Manager can mimic TPM 2.0, but it is only available to Windows 10 Pro and Windows 10 Enterprise customers. Parallels 17 can as well, which starts at $80/year. And VMWare Workstation 16 Pro is another option...if you're willing to fork over $199.

"In Hyper-V, VMs need to be created as a Generation 2 VM. Running Windows 11 in VMs in other virtualization products from vendors such as VMware and Oracle will continue to work as long as the hardware requirements are met," Microsoft adds.

I have Windows 11 installed on a VMWare's free Workstation 16 Player and can confirm the latest update leaves it behind. It will still run Windows 11 since it is already installed, but it now fails the compatibility tests, and I assume it will not be eligible to receive future version updates, based on Microsoft's Windows 11 messaging.

It will be interesting to see how this all plays out in the public when Windows 11 begins rolling out on October 5. Most PCs shipped in the last several years support TPM 2.0, either by way of a dedicated chip on the motherboard or, more commonly, baked into the processor. But this is something that has not typically been enabled in the BIOS by default. So, if you have less savvy friends and family members who are wanting to upgrade to Windows 11, get ready to be their tech support.

As for people in the Insider program, I have not tried this with the latest build myself, but there are some potential TPM 2.0 workarounds that might still work. One of them is to alter the ISO file by overwriting the appraiserres.dll file in the Source folder. It's worth a shot if you're hellbent on testing Windows 11 on a VM.