In preparation for the pending release of Windows 11, Asus is removing the updated firmware from the motherboard to help facilitate a seamless upgrade to Microsoft’s next operating system. New BIOS files do this by enabling Trusted Platform Module (TPM) 2.0 support.
TPM 2.0 is a key requirement of Windows 11 and one of the reasons people initially had problems with Microsoft's PC Health Check application before it went offline. The application was designed to scan systems for possible compatibility issues. If all went well, you knew your PC was ready for Windows 11.
Microsoft finished extracting the application because "it was not fully prepared to share the level of detail or accuracy we expected from us because a Windows 10 PC does not meet the upgrade requirements." I firmly suspect that this was to keep people from getting scared after failing the compatibility check due to nothing more than a fairly simple switch in the BIOS: TPM 2.0.
I initially came across this on my main system with an Asus ROG Maximus XIII Hero motherboard based on the Intel Z590 chipset. It's a newer platform, but since TPM usually shuts down by default, as was the case with me, the app sent a message saying "This PC can't run Windows 11", when in fact it does. that he could do it. All you had to do was enable TPM support in the BIOS.
Here’s what happens: In the vast majority of modern systems, TPM is built into the CPU. It can also be present as a real chip on the motherboard. Either way, their job is to add a layer of protection by generating and storing encryption keys and authenticating certain interactions.
Microsoft has decided to require this extra layer of security to run Windows 11. However, on most consumer platforms it is not enabled by default. In addition to the confusion, it can be labeled as something else in the BIOS: PTT (Platform Trust Technology) on Intel boards and PSP (Platform Security Processor) and / or fTPM (Firmware Trusted Platform Module) on AMD hardware.
This brings us back to Asus and its new round of BIOS updates. Asus updates the firmware on a large number of motherboards that, when applied, automatically activate TPM 2.0 without any user interaction. So, for example, if you have a TUF Gaming X570-Plus (AMD) motherboard or a Prime Z590-P (Intel) motherboard, all you have to do is apply the latest BIOS update and you're fine, at least so meets the TPM 2.0 requirement.
Asus is in the process of removing the updated firmware for dozens of AMD and Intel chipsets that cover hundreds of motherboard models. Many of them are already available, while several more are being tested. If you have an Asus motherboard, go to the Windows 11 BIOS microsite and look for the model to see if a new BIOS is available.
Alternatively, you can enable TPM 2.0 yourself without updating the BIOS. You may want to follow this path if the latest BIOS does not add anything else to the mix (you can check the release notes). Upgrading the BIOS is generally easy and safe these days, but things can still go wrong (like a power outage in the middle of an upgrade), and you may have a number of custom settings to re-enter.
On Asus Intel motherboards, settings can be found by going to Advanced> PCH-FW Settings> PTT and selecting Enable from the drop-down menu. On AMD motherboards, go to Advanced Settings> AMD fTPM and select Firmware TPM from the drop-down menu.