Windows 11 TPM requirements will cause massive headaches for businesses


When Windows 11 releases next week, IT teams in large enterprises will be faced with an almost herculean challenge when it comes to updating their fleet of devices to the latest version of Microsoft's operating system.

Although Microsoft has reversed course and will now allow anyone to manually install Windows 11 regardless of their CPU, automatically upgrading is only possible if a device's CPU, RAM and its TPM meet the requirements necessary to execute the upgrade. Unfortunately though, most business computers and workstations likely won't be eligible for an automatic upgrade according to new research from Lansweeper.

By analyzing an estimated 30m Windows devices from 60k organizations, the IT asset management software company found that on average, only 44.4 percent of workstations are eligible to receive the automatic upgrade while the rest are ineligible.

This means that IT teams will have to manually update hundreds if not thousands of devices to Windows 11. To make matters worse, future Windows 11 updates are not guaranteed if these devices don't meet Microsoft's system requirements.

Eligible devices

According to Lansweeper, only about half of the trusted platform modules (TPM) found in workstations met Microsoft's Windows 11 requirements while over 19 percent failed and 28 percent were not TPM compatible or did not have it enabled.

Virtual machine workstations are even less likely to be eligible, as only 66.4 percent have enough RAM (4GB) and only 0.23 percent have TPM 2.0 enabled. This makes sense, as TPM has never been required for Windows before, and while TPM passthrough (vTPM) exists in order to give virtual machines a TPM, it is rarely used.

When it comes to TPMs on servers, only 1.49 percent passed the test which means that about 98 percent won't be able to upgrade to Windows 11 if Microsoft creates a server operating system with similar requirements in the future.

Although Microsoft does provide some tips on how to have a smooth Windows 11 migration as well as a PC health check tool to assess the compatibility of PCs with Windows 11, many large enterprise organizations don't have complete visibility across all of their devices. This means that IT teams will have to manually inspect machines on an individual basis to see if they meet Microsoft's Windows 11 requirements.
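
For teams without an inventory tool, the PowerShell function below is an added example (not code from the article, Lansweeper or Microsoft) that reports the two thresholds cited above, 4GB of RAM and an enabled TPM 2.0, for the local machine or a list of remote hosts. The function name and the host list are hypothetical, CPU eligibility is not evaluated, and the TPM query assumes an elevated session (plus WinRM for remote hosts).

```powershell
# Added example: checks only the thresholds the article states
# (4 GB RAM, TPM 2.0 enabled). CPU eligibility is NOT evaluated.
function Get-Win11TpmRamStatus {
    [CmdletBinding()]
    param(
        # Hypothetical host list; defaults to the local machine.
        [string[]]$ComputerName = @($env:COMPUTERNAME)
    )
    foreach ($name in $ComputerName) {
        $r = [ordered]@{
            ComputerName = $name; RamGB = $null; RamOk = $false
            TpmPresent = $false; TpmEnabled = $false; TpmSpec = $null
            TpmOk = $false; Error = $null
        }
        # Query locally without WinRM; use -ComputerName only for remote hosts.
        $cim = @{ ErrorAction = 'Stop' }
        if ($name -ne $env:COMPUTERNAME) { $cim.ComputerName = $name }
        try {
            # Sum installed modules: Win32_ComputerSystem.TotalPhysicalMemory
            # excludes reserved memory and can read just under 4 GB.
            $bytes = (Get-CimInstance @cim -ClassName Win32_PhysicalMemory |
                      Measure-Object -Property Capacity -Sum).Sum
            $r.RamGB = [math]::Round($bytes / 1GB, 1)
            $r.RamOk = $bytes -ge 4GB

            # Returns nothing when no TPM (or vTPM) is exposed to the OS.
            $tpm = Get-CimInstance @cim -ClassName Win32_Tpm `
                       -Namespace 'root/cimv2/Security/MicrosoftTpm'
            if ($tpm) {
                $r.TpmPresent = $true
                $r.TpmEnabled = [bool]$tpm.IsEnabled_InitialValue
                # SpecVersion looks like "2.0, 0, 1.38"; first field is the family.
                $r.TpmSpec = ($tpm.SpecVersion -split ',')[0].Trim()
                $r.TpmOk   = $r.TpmEnabled -and ($r.TpmSpec -eq '2.0')
            }
        }
        catch {
            # Unreachable host, missing namespace or access denied (not elevated).
            $r.Error = $_.Exception.Message
        }
        [pscustomobject]$r
    }
}

# Local check; pass -ComputerName with your own hosts for a fleet sweep.
Get-Win11TpmRamStatus | Format-Table -AutoSize
```

A row with a populated `Error` column means the host could not be assessed, which is different from a host that was assessed and failed.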

As Windows 10's End of Life is planned for 2025, businesses will need to find a way to upgrade to Windows 11 if they want to continue receiving security updates. By using Lansweeper though, organizations can identify all of their connected Windows machines with little effort to determine whether or not they can be updated to the next version of Windows.

Anthony Spadafora
