Why am I receiving this message?
Many devices that run Windows have a Trusted Platform Module (TPM) chipset. There's a security vulnerability in certain TPM chipsets that can affect operating system security, which means Windows operating systems are at an increased risk. You received this message because Microsoft has released security updates to address the vulnerability, which you need to download and install. Additionally, device manufacturers are releasing firmware updates to address the problem, which you also need to download and install. Finally, after you've installed these updates, you must clear your TPM.
Recommended actions
1. Download and install the Windows operating system updates from Windows Update
If you have turned on automatic updates in Windows Update, you don’t need to take any action because the updates will be downloaded and installed automatically.
If you have not turned on automatic updates, we recommend that you go to Windows Update immediately to check for and install the applicable updates manually. To learn more, see Windows Update: FAQ.
Warning
Do not apply the TPM firmware update before you apply the Windows operating system update. Doing so will make it impossible to determine whether your system is affected.
2. Install any applicable firmware updates
If you have a Surface device, see Security issue for TPM on Surface devices for more information and instructions.
If your device is not from Microsoft, locate the device manufacturer of your device in the following table, select the corresponding link, and apply the firmware update that's provide. If your device manufacturer isn't listed in this table, contact the manufacturer’s customer support department.
| Device manufacturer | Link for firmware update |
|---|---|
| TPM manufacturer | https://www.infineon.com/TPM-update |
| Fujitsu | https://www.fujitsu.com/global/support/products/software/security/products-f/ifsa-201701e.html |
| HP Customer Support | https://support.hp.com/document/c05792935 |
| HP Enterprise Support | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03789en_us |
| Lenovo | https://support.lenovo.com/product_security/LEN-15552 |
| Panasonic | https://pc-dl.panasonic.co.jp/itn/info/osinfo20171026.html |
| Toshiba | http://go.toshiba.com/tpmsecuritynotice |
3. Clear your TPM
Important
Before clearing your TPM, make sure you back up your data. Do not clear the TPM on a device you don't own, such as a work or school PC, without being instructed to do so by your IT administrator.
To clear your TPM, follow these steps:
In the Windows Security app
on your Windows device, select Device security > Security processor details or use the following shortcut:Select Security processor troubleshooting, and then under Clear TPM, select Clear TPM
You'll need to restart your device to complete the process
Note
If you have Windows Hello configured (PIN or biometric), it will no longer work after you clear the TPM. To fix this, reset your PIN by following the guidance at PIN sign-in issues.