Windows Defender Security Centre Error

Page 2 of 2 FirstFirst 12

  1. Posts : 27,162
    Win11 Pro, Win10 Pro N, Win10 Home, Windows 8.1 Pro, Ubuntu
       #11

    It was the factory defaults I was looking for, that's what I use, and have had no problems.
      My Computers


  2. Posts : 27,162
    Win11 Pro, Win10 Pro N, Win10 Home, Windows 8.1 Pro, Ubuntu
       #12

    Just so you can see and compare, here is the TPM data for my 8700K

    Windows Defender Security Centre Error-image.png
      My Computers


  3. Posts : 70
    Windows 10 Home x64
    Thread Starter
       #13

    Slightly different but I would expect that this is after the first boot

    Windows Defender Security Centre Error-n.png

    Just tried again with factory settings loaded fine first time but not the second. There was an option to save and various other options, each one failed with the below error is this the issue or am I barking up the wrong tree. This is all new to me and again im sorry for my incompetence.

    Windows Defender Security Centre Error-1.jpg

    Windows Defender Security Centre Error-2.jpg

    PS would it help to reset these before a clean install (Grasping at Straws)
      My Computer


  4. Posts : 27,162
    Win11 Pro, Win10 Pro N, Win10 Home, Windows 8.1 Pro, Ubuntu
       #14

    It looks as if they are set as they should be.
    You might want to read more on TPM here: TPM recommendations (Windows 10) | Microsoft Docs

    Maybe something might help.
      My Computers


  5. Posts : 70
    Windows 10 Home x64
    Thread Starter
       #15

    Thanks for your help Cliff. One last question as im running home and dont use bitlocker am I doing any harm in just dismissing the error in security centre, is there something I should be worried about.
      My Computer


  6. Posts : 27,162
    Win11 Pro, Win10 Pro N, Win10 Home, Windows 8.1 Pro, Ubuntu
       #16

    xxxdannyxxx said:
    Thanks for your help Cliff. One last question as im running home and dont use bitlocker am I doing any harm in just dismissing the error in security centre, is there something I should be worried about.
    Even with Windows Home, here are two reasons to get it working if possible:

    Measured Boot
    • A hardware root of trust contains boot measurements that help detect malware during remote attestation.
    Health Attestation
    • MDM solutions can easily perform remote attestation and evaluate client health before granting access to resources or cloud services such as Office 365.


    Measured Boot
    Windows 8 introduced Measured Boot as a way for the operating system to record the chain of measurements of software components and configuration information in the TPM through the initialization of the Windows operating system. In previous Windows versions, the measurement chain stopped at the Windows Boot Manager component itself, and the measurements in the TPM were not helpful for understanding the starting state of Windows.

    The Windows boot process happens in stages and often involves third-party drivers to communicate with vendor-specific hardware or implement antimalware solutions. For software, Measured Boot records measurements of the Windows kernel, Early-Launch Anti-Malware drivers, and boot drivers in the TPM. For configuration settings, Measured Boot records security-relevant information such as signature data that antimalware drivers use and configuration data about Windows security features (e.g., whether BitLocker is on or off).

    Measured Boot ensures that TPM measurements fully reflect the starting state of Windows software and configuration settings. If security settings and other protections are set up correctly, they can be trusted to maintain the security of the running operating system thereafter. Other scenarios can use the operating system’s starting state to determine whether the running operating system should be trusted.

    TPM measurements are designed to avoid recording any privacy-sensitive information as a measurement. As an additional privacy protection, Measured Boot stops the measurement chain at the initial starting state of Windows. Therefore, the set of measurements does not include details about which applications are in use or how Windows is being used. Measurement information can be shared with external entities to show that the device is enforcing adequate security policies and did not start with malware.

    The TPM provides the following way for scenarios to use the measurements recorded in the TPM during boot:

    • Remote Attestation. Using an attestation identity key, the TPM can generate and cryptographically sign a statement (orquote) of the current measurements in the TPM. Windows 10 can create unique attestation identity keys for various scenarios to prevent separate evaluators from collaborating to track the same device. Additional information in the quote is cryptographically scrambled to limit information sharing and better protect privacy. By sending the quote to a remote entity, a device can attest which software and configuration settings were used to boot the device and initialize the operating system. An attestation identity key certificate can provide further assurance that the quote is coming from a real TPM. Remote attestation is the process of recording measurements in the TPM, generating a quote, and sending the quote information to another system that evaluates the measurements to establish trust in a device. Figure 2 illustrates this process.
    When new security features are added to Windows, Measured Boot adds security-relevant configuration information to the measurements recorded in the TPM. Measured Boot enables remote attestation scenarios that reflect the system firmware and the Windows initialization state.
    Health Attestation
    Some Windows 10 improvements help security solutions implement remote attestation scenarios. Microsoft provides a Health Attestation service, which can create attestation identity key certificates for TPMs from different manufacturers as well as parse measured boot information to extract simple security assertions, such as whether BitLocker is on or off. The simple security assertions can be used to evaluate device health.
    Mobile device management (MDM) solutions can receive simple security assertions from the Microsoft Health Attestation service for a client without having to deal with the complexity of the quote or the detailed TPM measurements. MDM solutions can act on the security information by quarantining unhealthy devices or blocking access to cloud services such as Microsoft Office 365.
      My Computers


  7. Posts : 27,162
    Win11 Pro, Win10 Pro N, Win10 Home, Windows 8.1 Pro, Ubuntu
       #17

    By the way if you decide on a clean install, I see in your specs, that you have an M.2 SSD, it might be faster just backing your files up, and any driver or software installers you have(with any software activation key if needed) and use Reset this PC in settings>recovery, and let it nuke every thing.

    It will be much faster than a clean install with a USB thumb drive(read & write speeds)
      My Computers


  8. Posts : 70
    Windows 10 Home x64
    Thread Starter
       #18

    Thanks Cliff Im going to leave it for tonight. I have just set up a usb with the previous windows version to check if things were ok with that one just to eliminate that it may just be the latest update.
    Enjoy your evening mate
      My Computer


  9. Posts : 27,162
    Win11 Pro, Win10 Pro N, Win10 Home, Windows 8.1 Pro, Ubuntu
       #19

    xxxdannyxxx said:
    Thanks Cliff Im going to leave it for tonight. I have just set up a usb with the previous windows version to check if things were ok with that one just to eliminate that it may just be the latest update.
    Enjoy your evening mate
    Ok, you're welcome, it's getting late here in Germany too, good evening.

    Maybe someone else will post an idea later.
      My Computers


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 16:16.
Find Us




Windows 10 Forums