Joe Winograd
asked on
Trusted Platform Module with Windows 10 - Upgrading TPM 1.2 to TPM 2.0
Hello TPM/W10 Experts,
A client is working on a project to upgrade an extremely large number of PCs to Windows 10. As part of the project, the client is purchasing some new laptops. Most of the existing computers and even some of the new laptops have a TPM 1.2 chip, while others have a TPM 2.0 chip. All the manufacturers of the new laptops with a TPM 1.2 chip have agreed to provide a firmware upgrade to TPM 2.0, which will be performed on all such machines, and it's likely that some, but not all, of the existing PCs with 1.2 will be upgraded to 2.0. The questions are these:
(1) Are there any issues after doing a firmware upgrade from TPM 1.2 to 2.0?
(2) Will the machines that are upgraded have full 2.0 functionality for W10 build 1511?
(3) Will the machines that are upgraded have full 2.0 functionality for W10 build 1607?
(4) Will there be any differences in performance, stability, security, or any other way between chips upgraded from 1.2 to 2.0 versus those that are native 2.0 chips?
I've done a lot of web research on this. That's not to say that there aren't great articles out there that I may have missed, but I'm more interested in the actual experience of the experts here at EE.
Thanks much, Joe
A client is working on a project to upgrade an extremely large number of PCs to Windows 10. As part of the project, the client is purchasing some new laptops. Most of the existing computers and even some of the new laptops have a TPM 1.2 chip, while others have a TPM 2.0 chip. All the manufacturers of the new laptops with a TPM 1.2 chip have agreed to provide a firmware upgrade to TPM 2.0, which will be performed on all such machines, and it's likely that some, but not all, of the existing PCs with 1.2 will be upgraded to 2.0. The questions are these:
(1) Are there any issues after doing a firmware upgrade from TPM 1.2 to 2.0?
(2) Will the machines that are upgraded have full 2.0 functionality for W10 build 1511?
(3) Will the machines that are upgraded have full 2.0 functionality for W10 build 1607?
(4) Will there be any differences in performance, stability, security, or any other way between chips upgraded from 1.2 to 2.0 versus those that are native 2.0 chips?
I've done a lot of web research on this. That's not to say that there aren't great articles out there that I may have missed, but I'm more interested in the actual experience of the experts here at EE.
Thanks much, Joe
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Cliff,
Thanks again. Regards, Joe
Thanks again. Regards, Joe
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
> but on next reboot, Bitlocker entered recovery mode
Ouch!
> Result: bitlocker was no longer usable using the TPM.
Double-ouch!
Thanks for sharing this story, McKnife — very interesting! Thanks, too, for the advice re mass BIOS updates and on using TPM 2.0 with W10. Regards, Joe
Ouch!
> Result: bitlocker was no longer usable using the TPM.
Double-ouch!
Thanks for sharing this story, McKnife — very interesting! Thanks, too, for the advice re mass BIOS updates and on using TPM 2.0 with W10. Regards, Joe
ASKER
Great feedback from Cliff and McKnife! My thanks to both. Regards, Joe
Joe, I would like to know the laptop models that will be upgraded. Need to inform myself about that upgrade. Didn't even know that tpm modules were upgradable in firmware. And Asrock did not describe their upgrade very well.
ASKER
Hi McKnife,
I'm not close enough to the purchasing arm of the project to know the answer to that off the top of my head, but I'll try to find out for you. Regards, Joe
I'm not close enough to the purchasing arm of the project to know the answer to that off the top of my head, but I'll try to find out for you. Regards, Joe
Fine.
ASKER
Hi McKnife,
Got some feedback for you. So far, the only model on which they're doing the firmware upgrade is the Dell Latitude E5570 laptop. Even that has a caveat stating that full W10 capability depends upon having a Dell-supported/Intel-appro ved BIOS update. If I get more info, I'll pass it along. Regards, Joe
Got some feedback for you. So far, the only model on which they're doing the firmware upgrade is the Dell Latitude E5570 laptop. Even that has a caveat stating that full W10 capability depends upon having a Dell-supported/Intel-appro
Hm, no documentation on what that bios update consists of - too bad.
ASKER
Nope — but that would be very interesting!
ASKER
Disabling BitLocker is an interesting idea. I see the "etc." on that comment and am wondering if you can give any other specific examples. Thanks, Joe