[German]Is there an issue with the Trusted Platform Module 2.0 on Windows 10 version 1903? I got reports that TPM is causing error code 10 in Device Manager. Then of course Bitlocker does not work anymore.
- Bitlocker Recovery Key Not Working After Motherboard Replacement
- Bitlocker Recovery After Motherboard Replacement Service
- Bitlocker Recovery After Motherboard Change
- Bitlocker Recovery After Motherboard Replacement Cost
- Bitlocker Recovery After Motherboard Replacement Parts
- Bitlocker Recovery After Motherboard Replacement Instructions
Advertising
Background: Bitlocker and TPM
Microsoft’s Bitlocker can be used for hard disk encryption under Windows. This feature is available from the Pro version of the operating system. Bitlocker has the possibility to perform the encryption with or without Trusted Platform Module 2.0.
Dec 04, 2015. BitLocker Recovery Key after motherboard replacement. Pro evolution soccer 2006 full version for pc. Mx vs atv alive pc download. The nice thing about the full version is hardware replacement doesn't affect drive encryption if you aren't.
If a TPM module is missing, a PIN must be entered to decrypt the Bitlocker-encrypted files. If there is a Trusted Platform Module 2.0 in the form of a chip on the motherboard, Bitlocker can use it for authentication. The encrypted media are then bound to this hardware via TPM.
Issues with the TPM chip in Windows 10 V1903
Bitlocker and the Trusted Platform Module 2.0 are always good for problems under Windows (see links to other articles at the end of this article). Now German blog reader Andreas E. (thank you for that) has informed me about a problem with Bitlocker in connection with TPM 2.0 and Windows 10 May 2019 Update (Version 1903) via a private message on Facebook. He himself as well as his colleagues have noticed problems with TPM on several computers running Windows 10 Version 1903.
(Source: Technet)
The Trusted Platform Module 2.0 cannot be started. In the Device Manager you will find the error message shown in the screenshot above.
Advertising
The device cannot start. (Code 10)
(Operation Failed)
The requested operation was unsuccessful.
The requested operation was unsuccessful.
If the device (TPM 2.0) cannot be started, the device manager reports error 10, of course the TPM protector for bitlockers is omitted. Then Bitlocker is stopped – and you can no longer access the encrypted information or use Bitlocker with TPM. Andreas writes about it:
And the [Bitlocker] protection is stopped
But you will find very little information about it
Maybe worth doing some research.
But you will find very little information about it
Maybe worth doing some research.
That’s the information I have so far. But a short search on the internet shows that Bitlocker and TPM are not fool proof at all, but can cause trouble. Dell has published a Support article How to troubleshoot and resolve common issues with TPM and BitLocker on various bugs.
Whether there are issues with a TMP 2.0 firmware update, as described here by Microsoft, isn’t known so far.
Bitlocker Recovery Key Not Working After Motherboard Replacement
What can I find about TPM Code 10?
If you search for TPM 2.0 and the error code 10 in the internet, you will get some hits.
Virus scanners and filter drivers
In the Technet forum there is this post, which deals with the code 10 with TPM 2.0. There a user describes he deleted UpperFilters and LowerFilters (injected by a virus scanner), because they seem to have caused TPM problems.
But you can’t just delete the filter drivers from the registry – the system didn’t boot anymore. The affected person had to reinstall Windows 10 V1809 – and then the TPM 2.0 chip was detected cleanly in the device manager.
Somewhere in forums I found the hint that you should always use the Windows TPM driver – but not the OEM TMP driver (it is also mentioned here). I also found the information (e.g. here) that the UEFI boot mode can have an influence.
Conflict with other hardware?
In this HP forum post, a user also describes the error image that the TPM 2.0 device displays Code 10 in the Device Manager. Microsoft Windows 10 is used, but no version is specified (based on the post it can have been at most Windows 10 V1803).
However, the poster also reports issues with Windows 10 Hello logon and a fingerprint sensor. What I took with me from this (unsolved) thread is to pay attention to the following:
- BIOS and/or UEFI must be up to date to cleanly support the TPM 2.0 chip.
- A suitable chipset driver must be installed over Windows so that all devices are properly detected.
The chipset driver should be provided by Windows 10. But if there are problems there, you can see if the OEM offers something updated.
In this context I found this blog post, where an audio device under Windows 10 V1709 throwing the error code 10. But there was the problem that the Bitlocker DMA protection didn’t work anymore. The error was solved by a cumulative update for Windows 10 and afterwards the Direct Memory Access (DMA) protection for Bitlocker worked again.
I found a comment on this article in which somebody claims that Windows 10 V1903 is ‘bypassing’ the TPM – but without giving further details.
At this point the question: Are there any other people affected who notice this effect? Has anyone perhaps even determined a cause and knows a fix? Zazonee download free.
Similar articles
Windows 10: Important Secure Boot/Bitlocker Bug-Fix
BitLocker management in enterprise environments
Dell: New BIOS is causing Bitlocker issues
Bitlocker on SSDs: Microsoft Security Advisory Notification (Nov. 6, 2018)
SSD vulnerability breaks (Bitlocker) encryption
Windows 10 V1803: Fix for Bitlocker bug in Nov. 2018?
Windows 10: Bitlocker encrypts automatically
Windows 10: Important Secure Boot/Bitlocker Bug-Fix
BitLocker management in enterprise environments
Dell: New BIOS is causing Bitlocker issues
Bitlocker on SSDs: Microsoft Security Advisory Notification (Nov. 6, 2018)
SSD vulnerability breaks (Bitlocker) encryption
Windows 10 V1803: Fix for Bitlocker bug in Nov. 2018?
Windows 10: Bitlocker encrypts automatically
Advertising
Bitlocker Recovery After Motherboard Replacement Service
What happens when you have BitLocker enabled on your computer and your system board needs to be replaced?
Well nothing too exciting if you’re not using the TPM chip on the system board. But, if you are using it, you get a little more fun.
I ran into this recently and was actually excited to see what would happen. The system board on my laptop died and needed to be replaced. I had enabled BitLocker Drive Encryption a few months earlier to help protect my laptop data and had configured it to use the Trusted Platform Module (TPM) chip on the board. If you haven’t looked into setting up BitLocker on your notebook computer, I highly recommend that you do. Keep in mind that it is only available in Windows Vista Enterprise and Ultimate (and the Windows Server 2008 line). It provides full drive encryption and when used on a more modern laptop that has a TPM chip, allows for a very good extra layer of protection of your data. If your laptop should ever be stolen, this can make it more difficult for the thief to get to your data. Take a look at the following pages for some more info on Microsoft’s BitLocker – http://en.wikipedia.org/wiki/Bitlocker
So because BitLocker is tied to the mother board, what would happen if the system board needs replaced? In theory, BitLocker should see this as being almost the same as your hard drive being put into another computer and shouldn’t be very happy. It should prompt you to basically prove who you are before it will continue booting into Windows and allowing access to your data. Well, it did what it was supposed to – my system board was installed and when I booted up the system, here’s what I got:
So Windows Vista saw the problem with the new board and halted everything. If you had saved the key on a thumb drive, you can save yourself some typing by inserting it and hitting the “Escape” key (ESC) to reboot and read from the key. I don’t keep my key on a thumb drive, however, so after seeing this screen, I pressed “Enter” to enter the recovery process which brought me to this screen…
That now becomes the most important part of the process. When BitLocker first gets enabled, you are prompted to save out your BitLocker encryption keys to a location other than your local hard drive (for this very reason). You did do that, right?! If not you’re in for a world of hurt because you won’t be able to recover your data otherwise. The only exception to this is if your BitLocker configuration was setup by your administrator in your Active Directory domain to manage the keys that way.
I have my keys in a couple of secure locations (just in case) and opened up the text files on another computer to see what the 48-character string is and typed it in to the screen above. After that, Windows Vista booted right up. Pretty cool, huh?
So once I logged in, I needed to go through and reconfigure BitLocker to work with the new TPM chip (new system board = new TPM chip). To open the TPM Management screen, click on the “Start” button and type “tpm.msc” into the “Start Search” bar and press “Enter” when it shows up in the list. This will bring up the TPM Management utility…
Now, click on “Initialize TPM” in the top right…
This will bring up the screen to start the TPM hardware. Click on “Restart” – this will restart the computer automatically…
![Recovery Recovery](https://3.bp.blogspot.com/-lAV_Ye2qNN4/VwEsbtHpF8I/AAAAAAAAAKM/oKKLomkYKN4xIFB_xsqtnHdVH4nRPZkzA/s1600/Bitlocker9.png)
Bitlocker Recovery After Motherboard Change
At this point, the BIOS of the computer prompted me to allow Windows to work with the TPM…
Pressing “F1” set the change and once logged back into Windows, I was prompted to set the TPM owner password…
Bitlocker Recovery After Motherboard Replacement Cost
I selected to let Windows automatically create the password. At this point you’ll then be prompted to save out this password…
Save the password somewhere other than your computer (maybe a USB thumb drive, an online backup account, or a web-only email account). Once you save out this TPM file, you’re done!
So, this worked out well to be able to learn that it’s fairly straight-forward to work with BitLocker after a major hardware change. It also helped demonstrate the protection that Microsoft’s BitLocker Drive Encryption presents when using a TPM chip. Remember, that this isn’t all that needs to be done to protect your notebook, but rather is just one important step in the layer of security you want to add. More information can be found all over the Internet, but here’s a good article to start with –http://en.wikipedia.org/wiki/Laptop_theft
Bitlocker Recovery After Motherboard Replacement Parts
Good luck and have a great week!
Bitlocker Recovery After Motherboard Replacement Instructions
— Jim White
MCSE, CCSP, CCEA, Server+, A+, and more!
www.booksbyjim.com/
MCSE, CCSP, CCEA, Server+, A+, and more!
www.booksbyjim.com/