Create a package in Microsoft Endpoint Manager (SCCM) Place the source files on a share accessible by Microsoft Endpoint Manager (SCCM). IMPORTANT! Do NOT download the HP TPM Configuration Utility through any other sources, since you might not get the latest version!! Create an encrypted password file
Once installed, select the model you want to update TPM from 1.2 to 2.0 and download TPM Configuration Utility through the tool. You can retrieve the latest version through the HP Image Assistant (HPIA). The best way to update the TPM firmware is by using TPM Configuration Utility.
In the blog post above, you will learn how to enable TPM, a prerequisite for following this blog post. Please refer to my blog post on How to use HP BIOS Configuration Utility to set BIOS settings to read about how I do this. In the below sections, I reference some BIOS settings that are to be automatically configured. The last alternative is by using TPM.msc How to do a HP TPM update from 1.2 to 2.0 using HP TPM Configuration Utility Configure HP BIOS settings Get-WmiObject -Namespace rootcimv2securitymicrosofttpm -Class Win32_TPM | Select Specversion Start an elevated Powershell window and use the following Powershell command: The different version properties on the chip are:Īlternative 1 – Windows Security settings Alternative 2 – Powershell
This blog post describes how to upgrade the TPM chip firmware from 1.2 to 2.0 for HP machines using Microsoft Endpoint Manager (SCCM) and HP TPM Configuration Utility.
Unfortunately, this is no way of working in an enterprise environment. You can go to all machines in your environment, enable TPM in BIOS, and upgrade them to TPM 2.0. TPM 2.0 was also required for Credential Guard in Windows 10 1507, but this is no longer the case. The only feature that I know of that requires TPM 2.0 is Device Encryption (Not Bitlocker). The TPM chip is required for features such as:
TPM 2.0 is now a requirement for Windows 11. The Trusted Platform Module (TPM), is a hardware component on the motherboard, developed by Intel, providing physical-level security for Windows 10. TPM 2.0 has been around since 2013, but since July 28, 2016, vendors are required to provide their machines with TPM 2.0. Note that a prerequisite for everything in this blog post is that enable TPM in the HP BIOS. This blog post covers the TPM chip and how to do a firmware update from TPM 1.2 to TPM 2.0 for HP machines using HP TPM Configuration Utility and SCCM. In those cases, the TPM firmware needs an update to 2.0, which this blog post covers. Some older machines might have TPM, but TPM 1.2. Most computers released within the past 3 years should have TPM 2.0. Upgrading TPM from 1.2 to 2.0 has been a recommendation for the past few years, but apart from increased security, there hasn’t been a practical reason why you would need to update.īut on Friday, June 25th, 2021, everything changed when Microsoft announced Windows 11 and the requirement of TPM 2.0.