I’ve spent a lot of time looking at Autopilot log files, hardware hashes, and TPM-related “stuff.” And it’s always puzzled me why things have to be so difficult. In this case, it’s about something really simple: The TPM firmware version of a particular TPM chip/device. If you look in the TPM MMC, you see a version like:
But if you look at an Autopilot hash, you see this:
So why two different firmware versions? Well, they aren’t two different versions at all; they are the same thing represented in a different way. Let’s look at the values in hex to see what I mean, with each of the two big numbers in the TPMVersion string above converted to hex using HxD, my favorite hex editing tool:
So the first four bytes are the equivalent of 538247443, and the second four bytes are 1394722. But now let’s look at the values two bytes at a time:
So the first two are 275, the “minor” part of the version in TPM.MSC. The next two are 8213, the “major” part of the version:
The next two are 18466, so that’s the “revision” part of the TPM.MSC version. And the last two are 21, the “build” part of the TPM.MSC version. So put those together in the right order and you end up with “8213.275.21.18466”, exactly what we see in TPM.MSC.
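The same conversion in code, as an added example that is not part of the original post. It assumes the two numbers have already been pulled out of the TPMVersion string, the function names are made up for illustration, and it goes one step further than the text by also converting a TPM.MSC version back into the two numbers, which is handy when matching Autopilot hashes against a known firmware version:

```python
import struct


def _pack(first, second):
    """Return the two 32-bit numbers as the 8 little-endian bytes a hex editor shows."""
    for value in (first, second):
        if not 0 <= value <= 0xFFFFFFFF:
            raise ValueError(f"{value} does not fit in 32 bits")
    return struct.pack("<II", first, second)


def hex_view(first, second):
    """Hex dump of the two numbers, byte by byte."""
    return _pack(first, second).hex(" ")


def decode_tpm_firmware(first, second):
    """Two numbers from the Autopilot hash -> version as shown in TPM.MSC."""
    # Read the same 8 bytes two at a time: minor, major, revision, build.
    minor, major, revision, build = struct.unpack("<4H", _pack(first, second))
    return f"{major}.{minor}.{build}.{revision}"


def encode_tpm_firmware(version):
    """TPM.MSC version string -> the two numbers seen in the Autopilot hash."""
    parts = version.split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"expected four numeric parts, got {version!r}")
    major, minor, build, revision = (int(p) for p in parts)
    if max(major, minor, build, revision) > 0xFFFF:
        raise ValueError("each part must fit in 16 bits")
    # Write the parts in on-disk order, then read them back as two 32-bit values.
    raw = struct.pack("<4H", minor, major, revision, build)
    return struct.unpack("<II", raw)


if __name__ == "__main__":
    # Values taken from the text above.
    print(hex_view(538247443, 1394722))
    print(decode_tpm_firmware(538247443, 1394722))
    print(encode_tpm_firmware("8213.275.21.18466"))
```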