Found this tech article in trying to help someone else here at AMD Forum about a Windows 10/11 bug that is not detected by Windows but is detected by BIOS. It mainly concerns the Ryzen 5000 series CPU processor: https://hothardware.com/news/windows-11-tpm-bug-wreaking-havoc-on-amd-ryzen-systems
A new TPM bug has surfaced on AMD Ryzen-based systems where the CPU’s built-in TPM module fails to be recognized in Windows 10 and 11, in spite of the module being activated in BIOS. This has been recognized by Microsoft, however, there is no fix at this time. The issue appears to be related to Ryzen 5000 CPUs specifically, all affected user reports are confirming the existence of this bug with a Ryzen 5000 series part. One user, in particular, confirmed the issue happens when switching from a Ryzen 5 2600 to a Ryzen 7 5700X — and switching back to the 2600 fixed the TPM bug. Other reports confirm issues with Ryzen 7 5800X3D CPUs as well. In a touch of irony, the same issue cropped up on my own personal Ryzen 7 5800X3D system just yesterday, where the TPM module was also failing to be recognized by Windows. The bug is especially problematic on boot-up, where the TPM module completely fails to be recognized until the security app has verified the “Virus & threat detection.” Once that is complete, the TPM module is usually recognized after closing and opening the app again, but even this doesn’t always work. Re-opening the Security app multiple times lead me to a plethora of minor glitches with the TPM bug, where information was missing from the Security Processor Page. To make matters worse, TPM attestation is also bugged out, saying “not supported” on the same page consistently.
For reference, I am on a MSI B450 Pro Carbon AC motherboard running one of the latest AGESA microcode updates, version 1.2.0.7, along with the latest AMD chipset drivers, and Windows 11 updates as of the time of this writing.
This issue is a big problem for users who actively use the built-in TPM module for data encryption. This bug can prevent encrypted data from being accessed, and in a worst-case scenario prevent boot-ups entirely if the boot drive is encrypted. The TPM module serves as an added layer of security that houses very important authentication keys for the encrypted data it is securing. If the security application does not have backup keys, losing the TPM module can mean the loss of the encrypted data as well.
However, it's worth noting that this issue should only affect users who actively utilize the TPM module. This is different from Windows 11's TPM requirements, where a TPM module simply needs to exist on the machine to meet the OS’s system requirements. Yes, this actually means the TPM module inside most Windows 11 machines is sitting there doing nothing. TPM is only utilized if actively used with something like Windows Bitlocker, Windows Hello, or 3rd party encryption software. This issue is highly reminiscent of the AMD fTPM bug that was plaguing Ryzen systems a year ago, causing system stuttering to occur. But this new bug is substantially worse since the issue can prevent the TPM module from functioning at all. Again, Microsoft has not announced an update, so we don’t know when this will be fixed. If you’re affected by this bug, the best thing you can do is buy a dedicated TPM module for your system. These external TPM modules usually cost less than $40, and are installed into an internal slot on a motherboard. Given AMD’s track record with poor fTPM stability, it could be wise to switch to a dedicated TPM anyways so mishaps like this don’t happen again.
This issue should only be irksome if you use TPM actively. If you don’t, and only enable it to meet Windows 11’s system requirements, you can disable the module in BIOS if the detection issue is bothering you. Windows 11 will still give you a green checkmark in the security app. This could change though if Microsoft adds automated security features to Windows 11 (or newer) in the future which utilize TPM
I remember a couple of large threads about TPM issues so decided to upload this article.
EDIT: Sorry I posted the wrong link from the User I was helping. Found correct link to above article. Found a similar link from Techradar concerning the same bug and posted that instead: https://www.techradar.com/news/mysterious-windows-11-bug-hits-amds-best-processor
Windows 11 has a baffling bug that means it’s not detecting TPM with some processors – and therefore not recognizing the host PC as supporting the OS – with one CPU hit badly in particular, the popular Ryzen 7 5800X3D.
Neowin pointed out a whole bunch of Windows users who are having an issue whereby they are failing ‘TPM attestation’ with the result that the PC is not supported for running Windows 11.
This is despite the system getting the all-clear in terms of the TPM module being detected as ‘ready for use’.
As noted, this is happening to various Ryzen processors (and even Intel models in outlying cases), and the 5800X3D seems to be more affected than others. In some cases, users report that with a different CPU, the TPM requirement is passed with no problems.
One person who encountered the bug writes: “After upgrading my CPU from Ryzen 5 2600 to Ryzen 7 5700X Windows Security Chip App reports ‘Attestation: Not Supported’ but ‘Memory: Ready’. In the TPM Console it shows that the TPM Module is Ready for use.”
They add: “When I switch back to my old Ryzen 5 2600 everything works.”
Analysis: Come on Microsoft, AMD – this isn’t good enough
This one’s a bit of a headscratcher for sure, but we have got official word from Microsoft on the bug.
In a known issue filed under Windows Autopilot problems, the software giant notes: “TPM attestation for AMD platforms with ASP firmware TPM may fail with error code 0x80070490 on Windows 10 and Windows 11 systems. There’s currently no update available to resolve this issue.”
Now, Windows Autopilot is a tech used by IT teams to deploy multiple Windows PCs, so not something the home user will encounter. But evidently, there are consumers out there who are getting brick-walled by this bug when attempting to install Windows 11 with certain CPUs.
It’s seriously disappointing to hear that there’s no resolution, or more to the point, evidence that Microsoft is at least investigating what’s going on here. Neither have we got any word from AMD that it’s looking into the gremlin or trying to discern what’s up.
For affected PCs, it seems the only possible remedy is to install a separate TPM module and not rely on the processor’s built-in one. To say that’s far from ideal is an understatement.
As another affected user on Reddit, who was upgrading from a 5800X – which worked just fine with Windows 11 – to a 5800X3D put it: “I’ve searched online and there is bunch of people with 5800X3D having exact same problem and no one has any idea why or how to fix it. Some did buy external TPM module, but why the hell would I do that when Ryzen 5800 have one onboard?”
It’s a very good point indeed. One suggestion we’ve seen (in the above Reddit thread) as a workaround for those upgrading to a new CPU which is hamstrung by a TPM attestation fault goes as follows. Put the old CPU back in, disable TPM, clear the CMOS, reinstall the new processor and then turn TPM back on. Take that as a bit of a wild punt in the dark, though, but one upgrader claims it worked for them.
And it’s more of a hint than Microsoft or AMD have given us so far, that’s for sure.
