Bogdan Caraman Blog EN

How to Update the TPM Firmware

by

Bogdan Caraman
in

The TPM (Trusted Platform Module) is a cryptographic module that enhances computer security and privacy. Protecting data through encryption and decryption, protecting authentication credentials, and proving which software is running on a system are basic functionalities associated with computer
security.

  1. To check your TPM version on Windows 10 go to the search bar (Windows key + S) and type “tpm.msc” in the box, and hit Enter;
  2. See Specification Version (1.2 or 2.0) from TPM Manufacturer Information;
  3. If you received “Compatible TPM cannot be found” your motherboard may have a TPM that is disabled or is not supported;
  4. You can search how to enable the TPM from your PC manufacturer’s support information like Asus, Dell, HP, Lenovo, Microsoft Surface;
  5. If your desktop computer does not support TPM then you can buy a TPM 2.0 MODULE and install it on the motherboard;
  6. Not every motherboard can support adding a TPM module so verify the manufactory’s documentation before that;
  7. When the TPM is Enabled and shows Version 1.2, then go to the manufactory’s support website to obtain the TPM 2.0 Firmware Update Utility and optional the latest BIOS update file;
  8. If your disk volume where Windows is installed is encrypted with BitLocker try to decrypt it before updating the TPM and BIOS;
  9. To Disable BitLocker on Windows go to search bar (Windows key + S) and type “Manage BitLocker” and hit Enter;
  10. Turn off BitLocker” on (C:) if the Windows is installed there;
  11. To Disable BitLocker from Command Prompt go to the search bar (Windows key + S) and type “cmd” or Windows Key + X to open Win + X menu and choose Command Prompt (Admin) from the menu;
  12. To display the status of drive C, type: manage-bde -status and press Enter;
  13. To Disable BitLocker on (C:), type: manage-bde -off c: and press Enter;
  14. This process can take a while, so don’t interrupt it;
  15. When your Data Volume is Fully Decrypted then is time to Clear TPM;
  16. Clear TPM –  Method 1:
    1. Go to Start > Settings > Update & Security > Windows Security > Device security;
    2. Under Security processor, select Security processor details;
    3. Select Security processor troubleshooting, and then under Clear TPM, select Clear TPM;
    4. You’ll need to restart your device to complete the process;
  17. Clear TPM – Method 2:
    1. Go to the search bar (Windows key + S) and type “tpm.msc” in the box, and hit Enter;
    2. From Trusted Platform Module (TPM) Management on Local Computer see Actions and click on Clear TPM (“You may clear the TPM to remove ownership and reset the TPM to factory defaults”);
  18. After your device was restarted to complete the action is now the time to run the TPM 2.0 Firmware Update Utility;
  19. If the process failed please repeat the Clear TPM process and then run again the TPM 2.0 Firmware Update Utility;
  20. If the procedure was successfully then now it’s time optionally but recommended to update the BIOS too;
  21. When everything is updated you can encrypt the (C:) drive again.
Linux » How to Update the TPM Firmware