Technically speaking, there is always a way to install Windows 11 on a computer system without the TPM 2.0 or the Trusted Platform Module 2.0. You could use third party scripts that will bypass the TPM 2.0 requirements for installing the Windows 11 operating system on an un-supported architecture or hardware. Or, you could use an ISO image file to install Windows 11 on an unsupported configuration.
The question, essentially, is whether you should install Windows 11 on a system that does not have TPM 2.0 capability?
Before we answer the user question, we would like to explain what is TPM 2.0 or the Trusted Platform Module 2.0. This will help you understand, appreciated and finalize your decision about installing Windows 11 operating system on a PC without TPM 2.0.
At the macro level, you can consider TPM or Trusted Platform Module as a hardware based security mechanism that is used for authentication and security of the system. TPM is an international standard for chip level authentication and security.
Trusted Platform Module (TPM, also known as ISO/IEC 11889) is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. The term can also refer to a chip conforming to the standard.
from wikipedia
The primary scope of TPM is to ensure the integrity of a platform. In this context, “integrity” means “behave as intended”, and a “platform” is any computer device regardless of its operating system. This is to ensure that the boot process starts from a trusted combination of hardware and software, and continues until the operating system has fully booted and applications are running.
When TPM is used, the firmware and the operating system are responsible for ensuring integrity.
from wikipedia
A single line understanding of the TPM 2.0 standards would be to understand that the TPM 2.0 compliant chip boosts your system’s security through hardware based authentication and integrity checks.
Windows 11 works on TPM 2.0 compatible chipset so that the hardware level security can be provided on the PC or computer system.
Should you install Windows 11 on a PC without TPM 2.0 compliance?
Honestly, I would say NO. Do not install Windows 11 on computers that do not have TPM 2.0 compatible chip. This is especially true for systems that are in use for commercial operations or business. Aside from that, there are multiple reasons that should make your desist from installing Windows 11 on a PC or system that does not have TPM 2.0 compatibility.
For a start, if you install Windows 11 on a PC that does not have a supported TPM 2.0 chipset, you may be able to install it fully through the ISO image. But, such an installation of Microsoft Windows 11 is considered an ‘unsupported’ installation by Microsoft. So, you would be out of luck in using the Windows Update program to update the Windows 11 installation. This Windows 11 install will remain stagnant at the ISO image’s Windows 11 install files. Your system will not be able to participate in the Windows Update program.
This may not look like a serious concern in the first go. But, for systems that have business data, such a shortcut to install Windows 11 may compromise your system’s security and integrity. An unpatched operating system is waiting to be exploited remotely through one or a combination of attacks that include the phishing attacks, ransomware attacks, remote code execution attacks and even the malicious code insertion attacks.
The United States has seen an exponential rise in ransomware attacks. Business and healthcare data has been encrypted by attackers for demands of ransom money. Installing Windows 11 on unsupported hardware platforms carry undefined levels of exposure and risks for your business or services. Would you risk your data or business continuity through an unsupported operating system on an incompatible PC? I would much rather prefer getting a new system and write it off against the business’s expense over a period of next 3 to 5 years. You need to look at the long term picture when you invest in systems and operating systems for a seamless business continuity.
Aside from that, if you wish to install Windows 11 through an ISO image on an unsupported TPM 2.0 personal computer, do so for lab or experimental reasons. Such a setup will not have any business or data loss impacts for the business or service providers. And come back to help the community in uncovering issues of security on an installation of Windows 11 on a system that does not conform to the TPM 2.0 capability.
Should I install Windows 11 using a third party script that bypasses TPM 2.0 requirements?
Internet is full of 3rd party scripts that will help you bypass Windows 11 hardware requirements. Would you be happy to install Windows 11 using a third party script that is designed to circumvent the inherent security architecture of the Windows 11 operating system? Do you really want to bypass the TPM 2.0 requirement on your system to install Windows 11 operating system?
Never use a third party script that interferes in the install process of an operating system. The script may be carrying a malicious payload, that may get installed alongside the Windows 11 operating system. Attackers have re-defined their strategies to attack unsuspecting users. The veracity of such third party scripts is unverifiable. And, there is no guarantee that these scripts cannot be hacked or compromised or exploited at a later date. Consider the costs in terms of time, money and business impacts. Is it really worth using a third party script to bypass the TPM 2.0 requirement for installing Windows 11. No, it is not. Let us move with the times and boost hardware based security offered through Windows 11.
For lab setups or experiments, you may use 3rd party scripts to install Windows 11 on the unsupported TPM 2.0 computers. You may install on such systems that are not connected in any way to the real and live business networks or business systems. These installations may help you uncover any security issues on the computer or on the Windows 11 operating system.
Conclusion
Windows 11 is designed to work flawlessly on the TPM 2.0 compatible systems. The TPM 2.0 compatible chips help you get a hardware based security on your personal computer or the business computer. We do not suggest installing Windows 11 on unsupported systems for lack of security updates and imminent security risks arising due to use of 3rd party scripts or unpatched operating system of Windows 11.
Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.