So yesterday a full screen popover offered to take me from 10 to 11. But reading this article it seems that without TPM (TPM isn't supported by my system according to the security devices dialog) an update will open a can of whoop ass. Advice anyone? Inclined to do nada at least until Oct 2025 comes
I started shrinking the main partition on W10 PCs down to leave only a couple dozen GB of free space, then formatting all that leftover "blank canvas" to accept a fresh clean install of W11. Not an "upgrade" to the W10 that is already there, I leave that untouched. Dual booting the factory way is actually easier than ever.
With the arrival of W11 version 24H2 just a couple months ago, other than the intended progressive restriction against older hardware (which could very well now be relaxed to a more sensible degree according to the article), there appears to be further inadvertent un-necessary hardware dependencies other than TPM that didn't need to exist where backward-compatibility could have been maintained for business purposes but the ball was finally dropped in ways that never would have been possible in an earlier Microsoft with more thorough testing before release. When you think about it, concealing this trend might be the entire motivation for requiring a newer or higher-end CPU than W10 to begin with. But 24H2 is definitely more failure-prone in this regard than 23H2, and if nobody at HQ ever tried it on lesser hardware they might not know any better anyway. So you pretty much need to test for yourself how much the rug has been pulled out from under you so far, before you can even arrive at a mitigation strategy to allow the same decent hardware going forward.
People around the world were informed to begin with that if their PCs could run W7, they would be fine with W8, and then again with W10. W8 even booted way faster than W7, they put effort into it and it worked, there are some brilliant people still there, and it does show. But is W11 supposed to be so slow or challenging that it can't carry forward as good as it was, that you just give up now?
So even if you are confidently running W11 version 23H2, it could be a very good time to test out 24H2 to make sure it doesn't surprisingly raise it's ugly head and scream "fail" when you try to install it clean to a fresh partition.
In which case you'll know to migrate to W11 23H2 (while you still might be able to) instead of the latest 24H2, but at least "support" will last a bit longer than W10 then.
Careful with the 24H2 for another reason too, upon installation it will silently autoencrypt other drives it has access to during W11 installation, without warning, this is a first and it's a real booby-trap. If you are in an environment where there is a "Local Account" instead of a Microsoft account, there will be no cloud to obtain a decryption key from either, and you might as well reformat those drives and recover from backup quicker than reversing the mayhem. This must be carefully inhibited in many cases which takes a "remote" registry edit PreventDeviceEncryption to be accomplished before the first boot of your freshly written W11 24H2 fileset to its newly formatted volume.
Also for the "belt & suspenders" approach if shrinking an existing partition to add a second partition for W11, you can also hide the existing NTFS partition from the new W11 by changing its partition Type ID and/or attributes beforehand using the command prompt from the W11 Setup USB. After OOBE then you can disable bitlocker without CLI, but you already had to use CLI for your data to be barely safe to begin with and you still need admin CLI to unhide the previous volume once it's safe under 24H2 to do so :\
Alternatively, if you are not already encrypting your existing NTFS partition you could intentionally do it in advance and make sure you have the decryption key in your possession before installing W11 :\
Every time it's getting more fiddly than before and pretty soon Linux is going to need less CLI action from average small business users and the geeks they trust.
Sheesh what a bunch of footguns await. Appreciate the heads up on partition encryption because yep, I'm in a local account environment. The entire upgrade feels far to risky at this point so I'll probably forgo it at least for a year or more like until I'm forced to upgrade.
