How to upgrade and clean TPM security processor firmware in Windows
If you have a laptop or a PC with TPM support, and you receive a message in the Windows Defender Security Center, which states that you need to update your security processor or TPM firmware, you should update it by priority. In this guide, I will explain how to clean the TPM and update the TPM security firmware.
What is TPM in Windows 10?
Trusted Platform Module (TPM) – is a specialized chip. TPM is usually installed on the computer’s motherboard and interacts with the rest of the system using a hardware bus. It can store RSA encryption keys specific to the host system and hardware authentication. The TPM chip also contains an RSA “pair” of keys, called a confirmation key. The pair is supported inside the chip and cannot be accessed by software. In short, it can store important data, including fingerprints, face data, etc.
How to check if there is a TPM on the computer?
Click the Win + R key combination and type tpm.msc. The TPM module may be in one of the following states: Ready for use, Ready for use in reduced functionality mode, and Not ready for use. To use most of the TPM features in Windows 10, the TPM must be Ready to use.
Important: If you have a module, then you can update and clear the TPM in these parameters to the right. Therefore, you can not resort to the points below. But if something goes wrong, the points below are for you.
Note: When you enable the TPM there may be problems with bitlocker, disable the bitlocker when you enable the TPM module.
How to upgrade TPM security processor firmware
An update for TPM usually contains a fix for a security vulnerability that may affect the security of the operating system. This update will address a vulnerability that you will need to download and install. It is also possible that firmware updates are sent by OEMs that are faster than Windows Update.
Download and install updates for Windows
This is the best way to upgrade your TPM. If you have disabled automatic updates, then update windows to the latest version through Windows Update or install patches manually via the micosoft directory.
Installing firmware upgrades from OEMs
Many OEMs, including Microsoft, offer firmware updates separately. If the TPM firmware update was not included in Windows Update, then you will have to manually download and apply it.
How to clear TPM
After you have installed the firmware update, either through Windows Update or from the OEM website, you will also need to clear TPM. This is important for data security. Cleaning your TPM will reset your security processor to its default settings.
Open Windows 10 Defender, go to Device Security. Next, find the Security processor troubleshooting and click Clear TPM. Before completing the process, you must restart the device.
Clear TPM using PowerShell
There is a command that resets the Trusted Platform Module to its default state and deletes the owner authorization value and all keys stored in the TPM module. This command uses the owner authorization value stored in the registry instead of specifying a value or using a value in a file.
Open PowerShell as an administrator and enter Clear-Tpm.