In preparation for the pending release of Windows 11, Asus is pushing out updated motherboard firmware to help facilitate a problem-free upgrade to Microsoft's next operating system. The new BIOS files do this by enabling Trusted Platform Module (TPM) 2.0 support.
TPM 2.0 is a key requirement of Windows 11, and one of the reasons why people initially ran into problems with Microsoft's PC Health Check app before it was yanked offline. The app was designed to scan systems for potential compatibility issues. If everything passed muster, you knew your PC was ready for Windows 11.
Microsoft ended up pulling the app because it was "not fully prepared to share the level of detail or accuracy you expected from us on why a Windows 10 PC doesn't meet upgrade requirements." I strongly suspect this was to prevent people from freaking out after failing the compatibility check due to nothing more than a rather simple switch in the BIOS: TPM 2.0.
I initially ran into this myself on my main system with an Asus ROG Maximus XIII Hero motherboard based on Intel's Z590 chipset. It's a newer platform, but because TPM is typically disabled by default, as it was in my case, the app returned a message saying, "This PC can't run Windows 11," when in fact it could. I just needed to enable TPM support in the BIOS first.
Here's the thing: on the vast majority of modern systems, TPM is built into the CPU. It can also be present as an actual chip on the motherboard. Either way, its job is to add a layer of protection by generating and storing encryption keys, and authenticate certain interactions.
Microsoft has decided to require this extra layer of security in order to run Windows 11. However, on most consumer platforms, it's not enabled by default. Adding to the confusion, it can be labeled something else in the BIOS—PTT (Platform Trust Technology) on Intel boards, and PSP (Platform Security Processor) and/or fTPM (Firmware Trusted Platform Module) on AMD hardware.
This brings us back to Asus and its newest round of BIOS updates. Asus is busying updating the firmware on a host of motherboards that, when applied, automatically enable TPM 2.0 without any user interaction. So for example if you own a TUF Gaming X570-Plus (AMD) or a Prime Z590-P (Intel) motherboard, all you need to do is apply the latest BIOS update and you are good to do, at least as it pertains to the TPM 2.0 requirement.
Asus is in the process of pushing out updated firmware for dozens of AMD and Intel chipsets covering hundreds of motherboard models. Many of them are already available, while several others are currently being tested. If you own an Asus motherboard, head over to its Windows 11 BIOS microsite and look for your model to see if a new BIOS is available.
Alternatively, you can enable TPM 2.0 yourself, without updating the BIOS. You may want to go this route if the latest BIOS does not add anything else to the mix (you can check the release notes). Updating the BIOS is generally safe and easy these days, but things can still go awry (like a power outage in the middle of an update), and you might have a bunch of custom settings to re-enter.
On Intel motherboards from Asus, the setting can be found by navigating to Advanced > PCH-FW Configuration > PTT and selecting Enable from the pull-down menu. On AMD motherboards, head to Advanced > AMD fTPM configuration and select Firmware TPM from the pull-down menu.