Windows 11 system requirements - UEFI/Secure Boot only

I wonder if anyone else is aware of the new system requirements for the upcoming Windows 11.

What caught my eyes was this line:
System firmware: UEFI, Secure Boot capable

This will be a death knell for any pre-EFI PCs :scream:
All my desktops are EFI capable, but I also have legacy BIOS only laptops in a good working condition. While it is not a big deal for Linux users like myself, I wonder how many legacy BIOS PCs will create unnecessary e-garbage.


Nothing is final at this point, obviously, but as things stand, a requirement that Secure Boot be enabled will be problematic for users dual-booting Windows 11 and Zorin OS, among numerous other Linux distros. That's is going to be a real problem for those of us who operate in a mixed Windows/Linux environment.

Secure Boot is the tip of the iceberg, though, for Windows 10 users.

Windows 11, as presently configured, requires that TPM 2.0 be present and enabled. The TPM 2.0 requirement will be problematic for users with desktops and laptops pre-dating 2016 or thereabouts. I'm already seeing workarounds on the boards, but all my computers are TPM 2.0 compliant so I won't be able to test the workarounds.

Most troubling, though, is the Windows 11 does not support older processors, despite the fact that many of the unsupported processors appear to meet the published requirements. Take a look a the current list of Windows 11 supported processors (both AMD and Intel) for Windows Client Edition Processors. Looking at Intel Core processers (i3, i5 and i7), for example, you'll find that the only Intel Core processors that are supported are Generation 8 (circa 2018) and later. The AMD list is similar. It may be that If the supported list will expand before Windows 11 is released, but if the supported list does not expand, most computers built before 2018 will not run Windows 11.

I tested Windows 11 compatibility on a number of my computers last night. The computers with 8th, 9th and 10th generation Intel Core processors tested out okay, but two computers (a Dell Latitude laptop running on an Intel Core i5 7300U processor and a Dell Optiplex Micro running on an Intel Core i7 6600T processor) did not, despite the fact that both the i5 7300U and the i7 6600T processors meet the published requirements.

A lot of Windows 10 users are going to be in for a surprise when Windows 11 is released. The transition from Windows 10 to Windows 11 will not be smooth, and in many cases will not be possible.


I did the compatibility test on my AMD based Win10 laptop and it failed, but MS are saying they will update Win10 through to 2025. I guess it will be another ZorinOS candidate then. I have no intention of consigning a perfectly good working laptop to tech trash.
I am not sure how this fits in with the new EU "Right to Repair" legislation. EU consumers should enjoy a “right to repair” and enhanced product safety | News | European Parliament

1 Like

That is an interesting point. I did not think about it.

Just out of curiosity, I checked m/b of my 2 desktops. Both are almost the same vintage. The main machine has a workstation grade m/b and it is provided with a socket for an add-on TPM module. Other sub-machine has a consumer grade m/b and completely devoid of such socket.

I am not so sure if many of the unsupported PC owners will make a leap. It seems to me, a lot of people continue using unsupported Windows till the PC falls apart.

The good ol' NT kernel.


From the link you gave:

As of last month, 1.26% of all laptops and desktop computers worldwide were still running on the 19-year-old OS. That’s a greater proportion than much younger operating systems Windows 8 (0.57%), ChromeOS (0.42%) and Windows Vista (0.12%).
Windows XP officially reached end of life on April 14 2014, meaning Microsoft has not provided important technical and security updates for the OS for more than six years.

It is frightening :scream:
There is absolutely no way I or any of my family members use unsupported OS.

1 Like

I suspect you are right, at least through the Windows 10 EOL in 2025. After that, who knows? A lot of folks kept running Windows XP and Windows 7 long after support ended, and that will probably happen with Windows 10.

I think that a lot of Windows 10 users are going to howl. Microsoft's Surface Studio 2, for example, uses a Intel Core i7-7820HQ processor, and is not supported for Windows 11. The model is on sale in the Microsoft Store (and who knows how many retail outlets) for $3500 US and up. Can you imagine the reaction of someone who buys that computer today only to find out that it will be obsolete by the end of this year?

The more interesting question is what Linux distro developers are going to do about the Secure Boot requirement after Windows 11 is released and has built up a reasonable market share. Because of the Secure Boot requirement, many Linux distros (Zorin OS, for example) will no longer be able to be used in a dual-boot environment with Windows 11.

As I understand it, a Secure Boot certificate can be obtained from Microsoft at relatively low cost. Ubuntu and a number of other business-oriented distros have the certificate embedded, but most consumer-oriented distros, including Zorin, do not.

I wonder how other distro developers will respond. It is too early to predict, I guess.


Virtualizing Windows on Linux host?
That is how I run Windows for last 6 - 7 years.
While VM is not for gamers, it works quite well for my use case.

What I am not clear is whether it is possible to virtualize Windows 11 on the non-TPM capable Linux host. I think the only way to know is trying it in a real life setup. I know there is a leaked preview version of Windows 11 circulating, but I am not adventurous enough to download it :stuck_out_tongue_winking_eye:

Yup, it is doable :slight_smile:

and if your system for whatever reason doesn't have TPM, you can just run a T1/2 HV, run vTPM, and install win11 there.
lots of advantages to virtualizing windows in a T2 HV though, including being able to control windows' ability to exfiltrate data..

1 Like

I am not clear that Windows 11 requires Secure Boot. What I read in the links above was "Secure Boot Capable."
Tomscharbach, I agree with you heavily- but clarity of valid information is important. As many already know... I am no fan of Windows. But it is also valid that "dislike" can easily lead toward negative confirmation bias.
It seems likely to me that what we see today is quite similar to what we have seen in the past. Windows, when nearing release of a new version, amps up promotion on the Newest, the Latest... the okayist...
But the MS team does add further support on older systems by around the time of release or a bit thereafter.
This here is a valid fear:

But also shows why it is more unlikely to happen. MS is not going to want to deal with that kind of feedback. Any report detailing post-release reactions would be a very loud one. And MS popularity has slid slightly from being generally tolerated with a lot of damning P.R. blows, up to and including the shocking revelation that Bill and Melinda no longer wuv each other.
I mean, seriously... couldn't they stay together for the Kids?!
Personally, I am far more concerned about the details on the release of Gnome 40 than of Win 11. Because Gnome will stick to their guns and keep telling us what we want, but MS at least knows how to throw the users a bone and cave in once in a while.

And us? We are the lil market. Microsofts highest concern will be big businesses and corporations that are going to make life very difficult for MS if these corporations need to replace tens of thousands of individual machines or more... Nooo that's not happening.

As an aside: Welcome to the Forum. All of two posts in, I have already enjoyed your fast thinking and intelligent analysis.


At one point in my career I was the IS Director of a small (that is, about 3500 installed computers) Microsoft Enterprise customer, so I have some sense of what you are saying.

In general, large business replace desktops and laptops on a 3-5 year cycle, laptops more quickly than desktops, for obvious reasons. The CPU support specifications seem to correlate with that cycle but also seem to be pushing the cycle (the Core 7000 series (not supported) was incorporated in mainstream business computers in 2017-2018, the 8000 series (supported) was incorporated in 2018-2019). The former is roughly five years, the latter roughly three years.

I am not surprised that Windows 11 will not support older hardware (the computing environment has changed a lot in the last few years, particularly in the security area), but I was surprised at the 8th generation cutoff. I would have expected that the cutoff would have been tied to a 5-year cutoff, or 2016-2017 (that is to say 7th generation Core, for example), not 2018-2019.

My guess is that Microsoft is going to back off to at least the 2016-2017 generation of CPU's before Windows 11 is released, although it might not. The reason it might not is that the Enterprise customer base is a slow-adopter base (there are enormous costs involved in implementing a new OS), and I would be surprised if Enterprise customers adopted Windows 11 in quantity before 2023 at the earliest. Testing and pilot installations, to be sure, but company-wide cutover, probably not. That would bring the release and replacement cycles more or less in sync.

Depending on consumer reaction (blowback, to be more accurate) Microsoft might back off more. As you note ("... the MS team does add further support on older systems by around the time of release or a bit thereafter ...") Microsoft has a history of expanding eligibility upon release.

The thing that gives me pause is this statement:

While we recommend that all PCs meet the full hardware requirements for Windows 11, we are allowing some limited exceptions as we apply these new restrictions. All Windows Insiders who have already been installing builds from the Dev Channel on their PCs up through June 24, 2021 will be allowed to continue installing Windows 11 Insider Preview builds even if their PC does not meet the minimum hardware requirements. Insiders with PCs already in the Dev Channel have been installing and giving feedback on builds with Windows 11 features since last year. Our way of saying thanks is to go ahead and give them the opportunity to see everything come together. ... Once Windows 11 is generally available, these PCs will be opted out of flighting and will not be able to receive future Windows 11 Insider Preview builds. These PCs must clean install back to Windows 10 with the media (ISOs) that we provide and can then join the Release Preview Channel to preview Windows 10 updates.

That suggests that Microsoft might not follow past practice in the case of Windows 11.

You are right about that, and I did not sufficiently qualify my statement with "if" in the second post, as I did in the first. I should have done so.

However, I won't be surprised to see "Secure Boot Enabled" become a requirement for Windows 11 installation within the next few years.

Here's why: Microsoft has required both TPM and Secure Boot be installed on Windows-Certified computers for quite a number of years. Microsoft did not, however, require that either be installed on a computer in order to install Windows 10. What has changed is not the requirement that Windows-Certified computers have TPM and Secure Boot installed, but that but that Windows 11 itself will not install without both existing. That's a significant change, and the change suggests to me that Microsoft is on the cusp of requiring that both TPM and Secure Boot be enabled in order to run Windows 11. When that will happen I don't know, but I am reasonably sure that it will happen. Microsoft has been pushing closer and closer for years now, and it seems to me that Microsoft will pull the trigger sooner or later. To me, it seems to be the logical outcome of Microsoft's thrust to ensure that TPM and Secure Boot become industry standards. Why would Microsoft put all that time and effort into TPM and Secure Boot if Microsoft had no plans to make those components central to Windows security?

I could easily be wrong about that (it could be that Microsoft is requiring TPM and Secure Boot be present simply to cut out the chaff of older computers -- that's what Microsoft seems to be doing by cutting out older processors -- and cutting development/maintenance costs as a result), but I don't think so.


Thanks for posting this interesting information.
I have been on a Dev Channel on 10 years old Aspire (my test PC). Indeed I saw the message saying I would only receive the update till the release of Win 11. That means Windows 11 can run on the older hardware, but MS does not want to make it available for such old machines.

1 Like

I agree that it will be no surprise if Microsoft does make this a requirement. As you logically point out: why would they have invested so much in it, just to drop it?
This would not be over-all destructive on the Linux side of things. While it is better to disable secure boot generally and necessary only sometimes; It can be worked around. Linux would need to adapt. But it can adapt to it.

I think support for older machines is a fine thing. But it is as true that you cannot install Zorin 6 or Windows 1995 even on an Amstrad CPC 464.

We see this in automotive, too. As a classic car mechanic, I deal a lot with not just restoration, but preservation.
But the times are changing. And we cannot deny our responsibility to step up. The cars of the future will also come with restrictions and regulations that we will not like. We need them. In this case, it is not about a greedy corporation asserting dominance and control, but about the necessary sacrifices to undo the global Climate Change we have created, resulting in a massive extinction event right before our eyes.
At some point, we must be willing to accept change. For some things; embrace them, even.
This Climate Problem? Totally fixable. Totally. We can halt it in its tracks and undo it. But... It would be beyond just inconvenient... We would have to revert to Horse and Buggy, reserving any electrical distribution for Hospitals and labs, but not for homes. We can, but won't. With all the math and knowledge and climate science before us, with the option to solve the problem that plagues us actually available - we will not because ultimately, we care only about ourselves. We are a particularly self-driven species... Even if there is a chance we doom our own. Many of us do not care about the generations that follow after we are dead and gone. Some of us even deny the science, reject the evidence and claim that climate change is not even a thing.

Microsoft is a greedy corporation that asserts dominance and control. But if we, as basic human beings, cannot even handle Responsible change... We are certainly going to react to less-than responsible change.
We want support for older computers because new computers cost money. And we have to re-install and its a hassle. And... you know... I don't wanna.
There are good reasons for wanting to make a computers last longer - Making new computers and dealing with the old ones is a nightmare for the Environment. But on average, how many people are motivated by that reason over the drain on their checking account?

We have had a nice run of computer technology increasing in leaps and bounds. But we are approaching the Heisenberg wall. There's a limit. We slowed to a trot, then a jog and now are at walking pace. Soon, it will be a crawl.
Microsofts restrictions will soon mean nothing - when buying a new computer 3 years later nets you pretty much the same machine from 3 years before. Without an advent of Quantum Home Computers, really... The push for the Latest and Greatest is losing its edge. I could argue that even the most abhorrent of MS hopes and dreams may be too little, too late.

Windows 11 too problematic? People will just use Windows 10. Or... Linux :smiley:


It does look like Microsoft has drawn an arbitrary line. Microsoft has been supporting a lot of old hardware over the years, and seems ready to stop doing that going forward.

A lot of users won't be happy, but I think that Microsoft's move is the correct move, quibble as I might about where Microsoft should draw the line between supported and unsupported.

Windows has become a bit like a wooden ship from the 1800's, gathering seaweed to the point where it streams out several hundred feet past the stern, rotting the hull and interfering with operation, eventually rendering the ship almost unusable.

Wooden ships of the era had to be drydocked and cleaned back to the hull periodically to keep them sailing.

Operating systems are no different. At some point, you have to stop trying to support everything and everything, rid yourself of the cruft, clean things up and move forward. Microsoft seems to be doing that, at least in part, with Windows 11. Apple has done it for years. So has Linux.

The simplest solution might be to embed a Secure Boot certificate into the Linux kernel. My guess is that Microsoft would cooperate, because a large percentage of Microsoft's Enterprise base uses both Linux and Windows, and Microsoft has been contributing a lot to Linux in recent years.


I certainly keep my hope up for that.
Microsoft :heart: Linux, wasn't it? :stuck_out_tongue_winking_eye:

That reminds me.

When I was running OSX on PC, Apple made a cut-off for (either Sierra or High Sierra, memory fails...) upgrade to certain Macbook models. In reality, hardware itself was capable for this new version. Sooner rather than later, someone came up with a method to circumvent this software restriction and released it on net.

As Confucius says "the higher authorities have policies the localities have their counter measures".

Considering the number of Windows users out there, I would not be surprised to see some people come up with such "Upgrade-Fu" :panda_face:


It increasingly looks as if Microsoft is serious about requiring 2018 or newer processors to install Windows 11. Since we started this discussion yesterday morning, Microsoft made changes to Windows 11 documentation:

(1) The CPU requirement which read "Processor: 1 gigahertz (GHz) or faster with two or more cores or system on a chip (SoC)." yesterday morning now reads "Processor: 1 gigahertz (GHz) or faster with two or more cores on a compatible 64-bit processor or system on a chip (SoC)."

(2) Microsoft documentation that identified CPU generation as a "soft floor" and suggested that Windows 11 would install on earlier generations ("Devices that do not meet the hard floor cannot be upgraded to Windows 11, and devices that meet the soft floor will receive a notification that upgrade is not advised.") has been removed.

A Twitter exchange between Michael Kan, a technical writer at PC Magazine and Microsoft VP Steve Dispensa yesterday afternoon (after the documentation changed) adds a bit of further information:

Kan: "I thought that list [the minimum hardware requirements list linked in an earlier comment] was just for OEM's though? The minimum system requirement page for Windows 11 just says dual-core 1Ghz and up?"

Dispensa: "No, Windows 11 has more specific CPU requirements than just dual-core 1GHz and up. I think the link in that screen shot points to the CPU compatibility list I posted above."

Although (as Aravisian pointed out) Microsoft has a history of modifying hardware requirements before or shortly after a Windows release, I think that the prudent course is to take the current CPU generation requirement as a given when planning.


It must be Microsoft eavesdropping their competitor's forum (us!) :grin:

If virtualization is not the answer for this new requirement, it will give me an excuse to build another system :wink: My husband has to put up with a half build tower occupying the dining table for a few days.

Just chat with my Hackintosh buddy from US.
There is already a mod version of leaked Windows 11 which can be installed on (almost) any CPUs. He confirmed that no secureboot nor TPM nor UEFI needed, which means BIOS only machines can take it. So I was right about the possibility of Upgrade-Fu :crazy_face:

1 Like

Even if the requirement is in place, wouldn't it be possible to have a grub update that automatically turns these things on in uefi to start windows? I'm sure start speeds would take a hit for both os's, but for everything required, there is normally an automatic workaround in order to accomplish what we want with these man made machines.

All this is somewhat moot until 2023/4 when Microsoft announced they are discontinuing support for win 10. Those that will not upgrade will run without updates, as we have seen several times in the past and currently.

We have hit lulls before in hardware development until someone thinks beyond the current restrictions and finds a widely adopted solution (think 32 bit processors and memory, hard drive storage limitations, portable media storage limitations...etc). Will this be longer or shorter than previous hardware development "limitations" is the real question. I don't anticipate the answer as i once did.

Both of these are wait to see moments, and I'm sure already in the hands of research and development teams in companies and universities worldwide. None of this should be worrisome yet, as cyberpunk has shown us... what they say and what they produce are usually completely different entities not comparable in the least, though Microsoft does tend to stick more to realistic protections, they're not likely going to want to give up that 60+% market share they have. The real dream would be a Linux distribution that cuts into that, but we all know that is some time off if it ever truly happens.

1 Like

Agreed. I am beginning to waffle about my generalist point of view earlier.
The more I read up and look into this, the more something smells different.

1 Like

Yet I managed to override those "restrictions".
I did that just because I can :grin:

My 10 year old Aspire is currently running Windows 11. Since it is a testing machine, I probably go back to Windows 10 though (thanks to easy image restore by Clonezilla).

For those of you still interested in Windows 11, I found a very interesting app to test the system upgrade eligibility:

This is the result of WhyNotWin11 on 10 year old Aspire [which is running Windows 11].

1 Like

Thanks for letting us know about it. A caution, though: WhyNotWin11 did not have a signed certificate at the time I tested the app. WhyNotWin11 is nothing more than a script, so it is probably safe to use unsigned, but keep that in mind if you decide to use it.

Two interesting things about WhyNotWin11 (Version 2.1, probably to be updated as Microsoft's requirements are further clarified):

(1) WhyNotWin11's "CPU Compatibility" check seems to reflect the "hard/soft" CPU requirement that Microsoft initially announced but seems now to have changed (note the green/yellow/red rather than green/red in this category); and

(2) On a computer with Secure Boot installed, WhyNotWin11 checks to see if Secure Boot is enabled, and if not, returns a red fail. WhyNotWin11 seems to assume that enabled Secure Boot is a requirement for Windows 11 installation. Microsoft has not explicitly made this a requirement - yet.

Is this the modified leaked version you mentioned in an earlier comment? If so, do you have any information about how the leaked version was modified?

1 Like