Trusted Platform Module (TPM) cannot start (code 10) after Windows 10 KB4532695 update

Mohammed Hamada
Yesterday and today Microsoft released KB4532695 and KB4528760, which cause the TPM 2.0 driver to stop functioning and cause a BSOD with a “Memory Management” error. I have been having the issue since then, and although I tried to disable/enable TPM in the BIOS, reinstall drivers and check for a BIOS update, nothing seems to work.

I decrypted my drive just so I wouldn't get stuck with my files encrypted. I am trying to see if anyone has had such an issue or if there's any way to deal with such a problem.
I already tried removing the latest updates but nothing changed.

I've seen similar stories where people had the same issue and went to a support call with MS and of course MS blamed the manufacturer for it.
Any help is appreciated

Dr. Klahn, Principal Software Engineer

Commented:
I'd restore from the most recent full backup made before the problem occurred, reboot with the network disconnected, then disable automatic Updates until Microsoft cleans up their mess.

Or boot to Safe Mode, revert the system from the most recent Restore Point made before the problem occurred, reboot with the network disconnected, then disable automatic Updates.
Mohammed Hamada, Senior IT Consultant

Author

Commented:

The most recent backup is from yesterday; the problem started 2 days ago.

I also tried uninstalling all the updates from this month, but it didn't work either. Now my TPM driver is useless and I randomly get a BSOD.


Distinguished Expert 2019

Commented:

Not seen here (all have that update already, many have TPM 2.0 with Bitlocker active).

What type of TPM is that, discrete or firmware TPM?

What manufacturer?

What TPM details does powershell (get-tpm) reveal?

Mohammed Hamada, Senior IT Consultant

Author

Commented:

Well, now it's showing nothing since the driver is not recognized at all. I am not certain what a discrete TPM is, but it's embedded in the motherboard and I can see it and enable/disable it from the BIOS.

Before these updates I had no problem at all. After the updates I noticed my Windows Hello PIN got lost and it asked me to reset it, then I realized the TPM 2.0 driver was invalid with code 10.

As for the manufacturer, it doesn't say anything on the BIOS page. Could it be Aptio? I will try to look at the chip to see the manufacturer.

TPM from PowerShell gives these details:

TpmPresent                : False
TpmReady                  : False
ManufacturerId            : 0
ManufacturerIdTxt         :
ManufacturerVersion       :
ManufacturerVersionFull20 :
ManagedAuthLevel          : Full
OwnerAuth                 :
OwnerClearDisabled        : True
AutoProvisioning          : NotDefined
LockedOut                 : False
LockoutHealTime           :
LockoutCount              :
LockoutMax                :
SelfTest                  :

Distinguished Expert 2019

Commented:

Discrete TPM: removable module

Firmware TPM: part of the firmware, like for example "Intel PTT"


Could you uninstall that upgrade, reboot, see if the driver works again and then use get-tpm?

Mohammed Hamada, Senior IT Consultant

Author

Commented:

I tried that multiple times. No go, but at least the Memory Management BSOD stops when I remove this update.

The interesting thing is that not just the TPM stopped: now even VirtualBox says no virtualization capabilities are supported on my device, on which I had over 20 VMs that were also working fine before these updates.

The TPM is indeed firmware, as it's fixed on the board. The thing is, my laptop is from a not-so-popular brand and has no recent BIOS update.


I think that even reinstalling Windows 10 wouldn't help since eventually I will have to come to install these updates.

In the Event Viewer, related to the Device Manager entry (Trusted Platform Module 2.0), I see a couple of errors sourced from Kernel-PnP and UserPnp.


KernelPnp error

Device ACPI\MSFT0101\1 had a problem starting.

Driver Name: tpm.inf
Class Guid: {d94ee5d8-d189-4994-83d2-f68d7d41b0e6}
Service: TPM
Lower Filters:
Upper Filters:
Problem: 0xA
Problem Status: 0xC0000001

----

Device ACPI\MSFT0101\1 was configured.

Driver Name: tpm.inf
Class Guid: {d94ee5d8-d189-4994-83d2-f68d7d41b0e6}
Driver Date: 06/21/2006
Driver Version: 10.0.18362.267
Driver Provider: Microsoft
Driver Section: Tpm2BaseInstall
Driver Rank: 0xFF0002
Matching Device Id: *MSFT0101
Outranked Drivers: tpm.inf:ACPI\MSFT0101:00FF0001
Device Updated: true
Parent Device: ACPI_HAL\PNP0C08\0

----


UserPnp (informational event), which happens after Kernel-PnP fails:

Driver Management concluded the process to install driver tpm.inf_amd64_aaaa339206cb706e for Device Instance ID ACPI\MSFT0101\1 with the following status: 0x0.



Distinguished Expert 2019

Commented:

What you could do for a test: boot windows2go (USB stick based windows), just for reading out the component info.

Or provide the hardware ID as device manager shows it

Or provide the laptop model.


Mohammed Hamada, Senior IT Consultant

Author

Commented:

Laptop Model is Monster Abra A7 V9.2 

On the TPM it says the following:

ACPI\VEN_MSFT&DEV_0101
ACPI\MSFT0101
*MSFT0101

Distinguished Expert 2019

Commented:

Hmm, cannot find many detailed specs about that notebook's TPM at https://www.monsternotebook.com.tr/abra/monster-abra-a7-v9-2/. I'll leave you with a screenshot showing some info about a working system here with the same hardware ID. Here, it's an fTPM (= Intel PTT):



Senior IT Consultant
Commented:

Hi McKnife, I managed to get it working finally! It was Device Guard that did the trick.

After disabling Device Guard from PowerShell and Local Policy and then restarting, the TPM was back to its normal state.

I have documented this here already:

https://www.moh10ly.com/microsoft-windows-10-security-updates-kb4532695-and-kb4528760-causes-tpm-driver-to-fail-and-results-in-windows-10-bsod/


Distinguished Expert 2019

Commented:

Fine. You should keep an eye on the MS forums and post it in case no one else opens a thread about it. It remains unclear if the conditions fTPM + Device Guard + new OS update are responsible alone or if something else is behind it. Could be true for some fTPMs, but not for all. We haven't widely enabled Device Guard here.
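
A read-only triage script for the combination discussed in this thread (the two updates, the TPM device state, and Device Guard), added here as an example and not taken from any poster or from the linked write-up. It assumes an elevated PowerShell session on Windows 10 and changes no settings; the instance ID and KB numbers are the ones quoted above.

```powershell
# Added example: collects the facts needed to tell whether a machine matches
# the "update + TPM code 10 + Device Guard" pattern described in the thread.

$kbIds     = 'KB4532695', 'KB4528760'   # updates named in the thread
$tpmDevice = 'ACPI\MSFT0101\1'          # instance ID from the Kernel-PnP event

# 1. Which of the two updates are currently installed?
$installed = Get-HotFix -Id $kbIds -ErrorAction SilentlyContinue |
    Select-Object -ExpandProperty HotFixID

# 2. PnP state of the TPM device. Problem 0xA (code 10) is reported
#    as CM_PROB_FAILED_START.
$pnp = Get-PnpDevice -InstanceId $tpmDevice -ErrorAction SilentlyContinue

# 3. What the TPM stack itself reports (requires elevation).
$tpm = Get-Tpm

# 4. Device Guard / virtualization-based security (VBS) state.
#    VirtualizationBasedSecurityStatus: 0 = off, 1 = configured, 2 = running
#    SecurityServices*: 1 = Credential Guard, 2 = HVCI
$dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                      -ClassName Win32_DeviceGuard -ErrorAction SilentlyContinue
$vbsText = @{ 0 = 'Off'; 1 = 'Configured, not running'; 2 = 'Running' }
$vbs = if ($dg) { $vbsText[[int]$dg.VirtualizationBasedSecurityStatus] }
       else     { 'Unavailable' }

# One summary object, so results from several machines can be compared.
[pscustomobject]@{
    Computer           = $env:COMPUTERNAME
    InstalledUpdates   = ($installed -join ', ')
    TpmPnpStatus       = $pnp.Status
    TpmPnpProblem      = $pnp.Problem
    TpmPresent         = $tpm.TpmPresent
    TpmReady           = $tpm.TpmReady
    VbsStatus          = $vbs
    ServicesConfigured = ($dg.SecurityServicesConfigured -join ',')
    ServicesRunning    = ($dg.SecurityServicesRunning -join ',')
}
```

Comparing this output between an affected machine and a working one with the same hardware ID helps narrow down whether the fTPM, Device Guard and the updates together account for the failure, which the last reply leaves open.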