Microsoft Tightens the Reins
PC enthusiasts have long navigated the waters of operating system upgrades, particularly with the transition from Windows 10 to Windows 11. A significant hurdle in this journey has been the TPM 2.0 requirement, which has effectively barred many older PCs from making the leap. While various workarounds have emerged, Microsoft has recently taken steps to close off one of the more straightforward methods.
The method in question involved a simple command: applying a /product server
argument to the setup executable, which tricked Windows 11 into believing the PC was a server, thus bypassing the TPM 2.0 requirement. However, as reported by user Bob Pony via Tom’s Hardware, this workaround has been effectively blocked in the latest Insider build of Windows 11, specifically version 27686, also known as Dilithium.
The recently released Windows 11 Insider Build 27686 (Dilithium) has patched the “setup.exe /product server” workaround for bypassing the system requirements check. 😢 pic.twitter.com/G9Q1v3O1uUAugust 15, 2024
For those unfamiliar, the Trusted Platform Module (TPM) 2.0 is a small security chip embedded in the motherboard, primarily used for creating cryptographic keys that encrypt the contents of a PC’s storage drives. Most PCs built or purchased in the last eight years are likely equipped with a TPM chip, but older hardware often lacks this crucial component.
When Windows 11 was introduced with its TPM 2.0 mandate, a considerable number of otherwise functional PCs found themselves unable to upgrade. This situation has led millions to either remain on Windows 10 or seek alternative methods to bypass the requirement. Microsoft has been systematically dismantling these workarounds, and the recent move to block the product server method, while perhaps overdue, is a notable step in this ongoing effort.
Previously, Microsoft had implemented checks during the installation process to identify modern CPU instructions. This meant that even if users managed to circumvent the TPM 2.0 requirement, older CPUs would still prevent installation. As it stands, the new block is currently only present in the Insider program version of Windows. Users running Windows 11 on non-compliant hardware should remain unaffected for now. However, it is likely just a matter of time before this restriction is rolled out in a standard update, potentially rendering systems that relied on the product server method inoperable.
Another point of interest is whether Rufus, a popular tool for Windows installations, employs this method to bypass Secure Boot and TPM 2.0. While the specifics remain uncertain, it’s reasonable to assume that resourceful individuals will continue to discover alternative solutions to navigate the TPM dilemma. However, given Microsoft’s gradual approach to eliminating these workarounds, there may be no immediate cause for concern.