Microsoft has repeatedly insisted on Trusted Platform Module (TPM) 2.0 as a baseline security requirement for running Windows 11, but many people have never quite understood why. To reinforce the reason behind the requirement, the company has now demonstrated in practice the difference between a computer that meets all of the recommendations and one that does not.

Microsoft’s Director of Enterprise and OS Security, David Weston, highlighted the fundamental role of these requirements in ensuring a safe experience for everyone on Windows 11. This is not exactly new, since the company has already commented on the requirement a few times, but never as explicitly as now.

TPM 2.0 ensures the security of keys, certificates and other protection data (Image: Replay/Microsoft Mechanics)

In the video, it is possible to observe how a criminal can use these gaps to gain access to vulnerable machines, both locally and remotely, which would enable ransomware techniques or the theft of user credentials. In the first part, you can see the successful exploitation of a vulnerability through an open RDP (Remote Desktop Protocol) port, gaining administrator access and taking virtually full control of a Windows 10 PC without TPM and without Secure Boot enabled.

The expert further demonstrates the exploitation of a flaw in the fingerprint authentication process on a machine without VBS (Virtualization-based Security). In this case, it was possible to gain access to memory on the vulnerable system and modify the biometric authentication code so that the verification step is skipped, which would allow access by any individual, even with the “fingerprint” of a gummy bear.
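The two demonstrations above hinge on protections that are easy to audit. The following PowerShell script is an added example (not from the article or from Microsoft) that reports, on the local machine, the state of the three protections the video contrasts: TPM 2.0, Secure Boot and VBS, plus whether RDP is exposed without Network Level Authentication. It assumes an elevated PowerShell session on Windows 10 or 11 and uses only built-in cmdlets and WMI classes.

```powershell
# Added example: audit the protections discussed in the Microsoft Mechanics demo.
# Run as Administrator; every value is read-only, nothing is changed.

function Get-Win11SecurityBaseline {
    $r = [ordered]@{}

    # TPM presence/readiness via the TrustedPlatformModule module; the Win32_Tpm
    # SpecVersion string looks like "2.0, 0, 1.38", whose first token is the spec level.
    try   { $tpm = Get-Tpm } catch { $tpm = $null }
    $r.TpmPresent = [bool]($tpm -and $tpm.TpmPresent)
    $r.TpmReady   = [bool]($tpm -and $tpm.TpmReady)
    $wmiTpm = Get-CimInstance -Namespace 'root\cimv2\Security\MicrosoftTpm' `
                -ClassName Win32_Tpm -ErrorAction SilentlyContinue
    $spec = if ($wmiTpm) { ($wmiTpm.SpecVersion -split ',')[0].Trim() } else { '' }
    $r.Tpm20 = ($spec -eq '2.0')

    # Secure Boot: Confirm-SecureBootUEFI throws on legacy BIOS firmware, so treat that as off.
    try   { $r.SecureBoot = [bool](Confirm-SecureBootUEFI) }
    catch { $r.SecureBoot = $false }

    # VBS: VirtualizationBasedSecurityStatus is 2 when VBS is running;
    # SecurityServicesRunning lists 1 for Credential Guard and 2 for HVCI (memory integrity).
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
            -ClassName Win32_DeviceGuard -ErrorAction SilentlyContinue
    $r.VbsRunning      = [bool]($dg -and $dg.VirtualizationBasedSecurityStatus -eq 2)
    $r.CredentialGuard = [bool]($dg -and ($dg.SecurityServicesRunning -contains 1))
    $r.Hvci            = [bool]($dg -and ($dg.SecurityServicesRunning -contains 2))

    # RDP exposure: fDenyTSConnections = 0 means Remote Desktop is enabled;
    # UserAuthenticationRequired = 1 means Network Level Authentication is enforced.
    $ts  = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' `
             -Name fDenyTSConnections -ErrorAction SilentlyContinue
    $nla = Get-CimInstance -Namespace 'root\cimv2\TerminalServices' `
             -ClassName Win32_TSGeneralSetting -ErrorAction SilentlyContinue
    $rdpEnabled = ($ts -and $ts.fDenyTSConnections -eq 0)
    $r.RdpDisabledOrNla = (-not $rdpEnabled) -or ($nla -and $nla.UserAuthenticationRequired -eq 1)

    [pscustomobject]$r
}

$baseline = Get-Win11SecurityBaseline
$baseline | Format-List
$gaps = $baseline.PSObject.Properties | Where-Object { -not $_.Value } |
        Select-Object -ExpandProperty Name
if ($gaps) { Write-Warning ('Protections not active: ' + ($gaps -join ', ')) }
else       { Write-Host 'All audited protections are active.' }
```

A machine like the Windows 10 PC in the first demo would report TpmPresent, Tpm20, SecureBoot and VbsRunning as False; enabling them in firmware and via Windows Security (Core isolation) is the corresponding mitigation.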

Source: Microsoft Mechanics