none
Windows 10 Security Center - Device Security - Security Processor - Suppress with GPO RRS feed

  • Question

  • Hello,

    I am trying to suppress the warning through GPO that Security Center is showing regarding TPM.

    I have tried 3 places so far that seemed like the correct place and none of them are working on my test box.

    1. Computer \ Policies \ Admin \ Windows Components \ Windows Defender Security Center \ Device Security \ Hide the Security processor (TPM) troubleshooting area in the Windows Defender Security Center - Enabled

    2. Computer \ Policies \ Admin \ Windows Components \ Windows Defender Security Center \ Notifications \ Hide Non-Critical notifications - Enabled.

    3. Computer \ Policies \ Admin \ Windows Components \ Windows Defender Security Center \ Notifications \ Hide all notifications - Enabled.

    None of these individually or all at once are working to hide the yellow ! about TPM firmware update needed.

    OS: Windows 10 Education 1803

    Which one should it be?

    Thanks in advance!


    Portland Public Schools / Systems Administrator II





    Monday, August 13, 2018 6:23 PM

Answers

  • Hi,

    Did your machine join to a domain and you login with a domain user?

    Firstly, when you receive the warning of updating TPM, which means Windows 10 operating systems are at increased risk. You are receiving this message because Microsoft is releasing Windows 10 security updates to address the vulnerability which you will need to download and install. In addition, device manufacturers are releasing firmware updates to remediate the problem which you also need to download and install. Finally, once you have installed these updates, you will also need to clear your TPM.

    If you are aimed to hide the warning, then click dismiss, will it work?

    In addition, you can hide the Device Security area, however which means you can not see other warnings/statue in Device Security Area. We don't recommend this anyway.

     Computer \ Policies \ Admin \ Windows Components \ Windows Defender Security Center \ Device Security \ Hide the Device Security area- Enabled


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, August 14, 2018 6:07 AM

All replies

  • Hi,

    Did your machine join to a domain and you login with a domain user?

    Firstly, when you receive the warning of updating TPM, which means Windows 10 operating systems are at increased risk. You are receiving this message because Microsoft is releasing Windows 10 security updates to address the vulnerability which you will need to download and install. In addition, device manufacturers are releasing firmware updates to remediate the problem which you also need to download and install. Finally, once you have installed these updates, you will also need to clear your TPM.

    If you are aimed to hide the warning, then click dismiss, will it work?

    In addition, you can hide the Device Security area, however which means you can not see other warnings/statue in Device Security Area. We don't recommend this anyway.

     Computer \ Policies \ Admin \ Windows Components \ Windows Defender Security Center \ Device Security \ Hide the Device Security area- Enabled


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, August 14, 2018 6:07 AM
  • Hi,

    Did your machine join to a domain and you login with a domain user?

    Firstly, when you receive the warning of updating TPM, which means Windows 10 operating systems are at increased risk. You are receiving this message because Microsoft is releasing Windows 10 security updates to address the vulnerability which you will need to download and install. In addition, device manufacturers are releasing firmware updates to remediate the problem which you also need to download and install. Finally, once you have installed these updates, you will also need to clear your TPM.

    If you are aimed to hide the warning, then click dismiss, will it work?

    In addition, you can hide the Device Security area, however which means you can not see other warnings/statue in Device Security Area. We don't recommend this anyway.

     Computer \ Policies \ Admin \ Windows Components \ Windows Defender Security Center \ Device Security \ Hide the Device Security area- Enabled


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Hello Vivian,

    Unfortunately we have around 50 different models  PC's because of donations and about 10 years of  purchases that are still reporting to SCCM. The work on that will most likely never happen because our district has about 10,000 PC's and about 10 people to service them all.

    Our management has made the decision to hide the warning because we don't want people trying to fix this error on their own.

    Also we would have to suspend Bitlocker or decrypt and reencrypt our drives, that is a lot of time to process as well.

    The vendors recommend having an up to date BIOS as a pre-requisite and that adds more work to do as well.

    I personally would much rather fix it but, the risk  of bricking our old machines is too real to ignore.

    I will try the policy settings you mentioned and mark it as an answer if it works.

    Thank a lot for your help!

    - Adam Seitz


    Portland Public Schools / Systems Administrator II


    • Edited by Adam Seitz Tuesday, August 14, 2018 3:04 PM
    Tuesday, August 14, 2018 3:03 PM
  • That was the fix but I can't find the "Mark as Answer" button, did the button move?

    Portland Public Schools / Systems Administrator II

    Tuesday, August 14, 2018 7:59 PM
  • Thanks for your reply.

    Since you created a discussion session when you post the thread, and there is no Mark as an answer button in this session. Thanks to the Moderator who has changed the type, you can Mart it as an answer right now.

    Thanks for your time.


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, August 15, 2018 1:03 AM
  • Thanks for your reply.

    Since you created a discussion session when you post the thread, and there is no Mark as an answer button in this session. Thanks to the Moderator who has changed the type, you can Mart it as an answer right now.

    Thanks for your time.


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    I have confirmed the answer - Thanks again!!

    Portland Public Schools / Systems Administrator II

    Wednesday, August 15, 2018 2:19 PM