How Windows Security Focus Misses the Point with Windows 11 TPM Requirement

Windows 10 is end of Life

Windows 10 has officially reached the end of life, reaching its 10 year mark and Microsoft is pulling the plug on regular security updates and patches. That means no more fixes for newly discovered vulnerabilities, no matter how critical.

Microsoft can't be expected to continue with its support, and everyone should be moved over to Windows 11. However, this is where Microsoft, I swear, is smoking something.

Windows 11, comes with a self-imposed set of hardware requirements, most notably, a Trusted Platform Module 2.0 (TPM), as well as Intel: 8th Gen Core (Coffee Lake, 2017) or newer, or AMD: Ryzen 2000 series (Zen +, 2018) or newer

Let's dig a little deeper......

What are Microsoft Thinking.....

With TPM enabling BitLocker to protect your data from the threat of someone physically stealing your laptop, you can almost admire Microsoft’s logic. Obviously, that’s a far bigger risk than a few hundred million unpatched Windows 10 machines being exposed to the Internet. Because, of course, laptops are being stolen by the truckload every night, while malware and remote exploits are just fringe concerns. Brilliantly deducted.

Microsoft’s perverse obsession with this stance is leaving millions of Windows 10 devices unpatched and exposed to the Internet. That’s the blueprint for the largest collection of remotely exploitable systems the world has ever seen. Genius really.

Windows 10 vs Windows 11: Who’s Really Using What

Windows 11 has finally surpassed Windows 10 in market share. Around 55 percent of active Windows desktops now run Windows 11, while roughly 42 percent remain on Windows 10. That's 42% of the world’s Windows machines running an operating system that’s no longer receiving security updates.

It's estimated that between 400 and 450 million Windows 10 devices exist, let that number sink in. Nearly 1/2 billion devices are now unpatched and will soon become vulnerable.

TPM 2.0 simply isn’t present on roughly 30 percent of Windows capable devices. And because TPM only became standard on mainstream hardware from around 2018 onward, mandatory for Windows 11 in 2021, anything older than 5 to 8 years is unlikely to have a TPM.

It's not like the hardware isn't fast enough!

Most older PCs can run Windows 11 without breaking a sweat, they’re powerful enough and can easily handle most workloads.

The Fear Factor.....

Microsoft seems to be betting on a mass migration, a sudden leap from Windows 10 to Windows 11 driven by fear of being vulnerable.

The message is clear: upgrade your hardware, buy a new PC, or live with unpatched vulnerabilities. It’s a calculated gamble that enough users will cave rather than risk running unsupported systems.

Of course, support can be extended for free if you sign up for a Microsoft account for an additional year of support. Otherwise, it's a paid for service.

The Truth of the Matter...

Microsoft, come down from your ivory tower, you’re not Apple, and your products aren’t objects of desire or status. There is no more passion for your products, people run Windows because they haven’t yet discovered the alternative of Apple, Linux and ChromeOS.

Admit your Mistake

If you’re willing to burn over 400 million devices because of an arbitrary decision, one that leaves them open to remote attacks while blocking any legitimate upgrade path to Windows 11, then maybe we should all consider alternatives before considering any Microsoft product.

Market Share

Windows devices are losing ground and have been for years. Mobile devices have taken over consumers daily computing, with most people handling email, banking, shopping, streaming, and social media entirely on their phones. The traditional PC has’s become an optional extra.

So if Microsoft keeps handing people reasons not to buy a PC, what do they think will happen? Enforce nonsensical hardware barriers, lock features behind accounts nobody wants, and deliberately block perfectly good machines from upgrading, customers will simply walk away.

Push hard enough, and they won’t just skip an upgrade, they’ll abandon the platform altogether. Once a customer fully switches to mobile only or jumps to Apple, ChromeOS, or Linux, they’re gone for good. They won’t be coming back just because Microsoft finally decides to be reasonable.

And right now, money is tight. Inflation has hammered disposable income, and consumers aren’t lining up to replace perfectly good hardware.

Microsoft picked the worst possible moment to demand a hardware refresh, in a market where users are already drifting toward mobiles and away from Windows entirely.

Rant over....Well almost

As a die hard Microsoft Engineer, I feel better for letting that rant go public.

There's been too many times in the last few years that Microsoft has miss-stepped and put both feet in it and angered their customer base. Lets, name a very select few, Xbox repeatdly, Out of Tune (Intune), the bag of spanners that is massively inferior to SCCM, deprecating MDT, CoPilot and AI stuffed into every corner of the OS and every app, sub-optimal and untested patches, reboots at the absoulute worse time, Ads on Enterpise devices, Ads in every facit of the OS and finally Windows Recall.