Link to home
Start Free TrialLog in
Avatar of Joe Winograd
Joe WinogradFlag for United States of America

asked on

Trusted Platform Module with Windows 10 - Upgrading TPM 1.2 to TPM 2.0

Hello TPM/W10 Experts,

A client is working on a project to upgrade an extremely large number of PCs to Windows 10. As part of the project, the client is purchasing some new laptops. Most of the existing computers and even some of the new laptops have a TPM 1.2 chip, while others have a TPM 2.0 chip. All the manufacturers of the new laptops with a TPM 1.2 chip have agreed to provide a firmware upgrade to TPM 2.0, which will be performed on all such machines, and it's likely that some, but not all, of the existing PCs with 1.2 will be upgraded to 2.0. The questions are these:

(1) Are there any issues after doing a firmware upgrade from TPM 1.2 to 2.0?

(2) Will the machines that are upgraded have full 2.0 functionality for W10 build 1511?

(3) Will the machines that are upgraded have full 2.0 functionality for W10 build 1607?

(4) Will there be any differences in performance, stability, security, or any other way between chips upgraded from 1.2 to 2.0 versus those that are native 2.0 chips?

I've done a lot of web research on this. That's not to say that there aren't great articles out there that I may have missed, but I'm more interested in the actual experience of the experts here at EE.

Thanks much, Joe
ASKER CERTIFIED SOLUTION
Avatar of Cliff Galiher
Cliff Galiher
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Joe Winograd

ASKER

Hi Cliff,
Disabling BitLocker is an interesting idea. I see the "etc." on that comment and am wondering if you can give any other specific examples. Thanks, Joe
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Cliff,
Thanks again. Regards, Joe
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
> but on next reboot, Bitlocker entered recovery mode

Ouch!

> Result: bitlocker was no longer usable using the TPM.

Double-ouch!

Thanks for sharing this story, McKnife — very interesting! Thanks, too, for the advice re mass BIOS updates and on using TPM 2.0 with W10. Regards, Joe
Great feedback from Cliff and McKnife! My thanks to both. Regards, Joe
Joe, I would like to know the laptop models that will be upgraded. Need to inform myself about that upgrade. Didn't even know that tpm modules were upgradable in firmware. And Asrock did not describe their upgrade very well.
Hi McKnife,
I'm not close enough to the purchasing arm of the project to know the answer to that off the top of my head, but I'll try to find out for you. Regards, Joe
Fine.
Hi McKnife,
Got some feedback for you. So far, the only model on which they're doing the firmware upgrade is the Dell Latitude E5570 laptop. Even that has a caveat stating that full W10 capability depends upon having a Dell-supported/Intel-approved BIOS update. If I get more info, I'll pass it along. Regards, Joe
Hm, no documentation on what that bios update consists of - too bad.
Nope — but that would be very interesting!