If you receive a message in Windows Security prompting you to update your security processor or TPM firmware, follow the steps in the "Recommended actions" section below.
Note: In previous versions of Windows 10, Windows Security is called Windows Defender Security Center.
Why am I receiving this message?
Many devices that run Windows 10 have Trusted Platform Module (TPM) chipsets. There's a security vulnerability in certain TPM chipsets that can affect operating system security, which means Windows 10 operating systems are at an increased risk. You received this message because Microsoft has released Windows 10 security updates to address the vulnerability, which you need to download and install. Additionally, device manufacturers are releasing firmware updates to address the problem, which you also need to download and install. Finally, after you've installed these updates, you must clear your TPM.
Recommended actions
1. Download and install the Windows operating system updates from Windows Update
If you have turned on automatic updates in Windows Update, you don’t need to take any action because the updates will be downloaded and installed automatically.
If you have not turned on automatic updates, we recommend that you go to Windows Update immediately to check for and install the applicable updates manually. To learn more, see Windows Update: FAQ.
Warning: Do not apply the TPM firmware update before you apply the Windows operating system update. Doing so will make it impossible to determine whether your system is affected.
2. Install any applicable firmware updates
If you have a Surface device, see Security issue for TPM on Surface devices for more information and instructions.
If your device is not from Microsoft, locate the device manufacturer of your device in the following table, select the corresponding link, and apply the firmware update that's provide. If your device manufacturer isn't listed in this table, contact the manufacturer’s customer support department.
Device manufacturer |
Link for firmware update |
---|---|
TPM manufacturer |
|
Fujitsu |
https://www.fujitsu.com/global/support/products/software/security/products-f/ifsa-201701e.html |
HP Customer Support |
|
HP Enterprise Support |
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03789en_us |
Lenovo |
|
Panasonic |
|
Toshiba |
3. Clear your TPM
Important: Before clearing your TPM, make sure you back up your data. Do not clear the TPM on a device you don't own, such as a work or school PC, without being instructed to do so by your IT administrator.
To clear your TPM, follow these steps:
-
Go to Start > Settings > Update & Security > Windows Security > Device security .
-
Under Security processor, select Security processor details.
-
Select Security processor troubleshooting, and then under Clear TPM, select Clear TPM.
You'll need to restart your device to complete the process.
Note: If you have Windows Hello set up (PIN or biometric), it will no longer work after you clear the TPM. To fix this, reset your PIN by following the guidance at PIN sign-in issues.