TPM Security Processor Troubleshooting Guide

Status 

The first step of troubleshooting Trusted Platform Module (TPM) errors is to review the status of the security processor.  

Windows 10  

  • Go to Settings -> Update & Security -> Device Security -> Security Processor Details 
  • Or type “TPM” in the search box and select Security Processor Details 
  • Or run Get-TPM in an administrator PowerShell console.  

Any detected issue should cause a message to appear in the Status section. Refer to Security Processor troubleshooting (microsoft.com) for details and instructions to resolve each error message.  

Older Windows Versions 

  • Go to Run, type MMC and press enter. 
  • Select File -> Add/Remove Snap-in 
  • Choose TPM Management and click Add. Select Local Computer 

Any detected issues should be listed in the Status row. Refer to Security Processor troubleshooting (microsoft.com) for details and instructions to resolve each error message. 

Event Logs 

TPM errors are recorded in the System Event Logs on Windows computers. Search the event logs for TPM errors with PowerShell: 

Get-WinEvent -FilterHashtable @{LogName='System'} | Where-Object -Property Message -Match 'TPM' | Format-List 

Remediation 

No one solution will correct all TPM issues, but here are some of the most common and effective fixes listed in the order you should attempt them.  

Updates 

Many times, TPM errors can be corrected by applying updates to the operating system and system BIOS.  

The operating system should be updated with the Windows Update mechanism. Windows updates should be applied before any TPM or BIOS updates from the manufacturer.  

The procedure for updating the System BIOS is different across systems, but in general the manufacturer's update utility should be used. 

UEFI Discrepancy 

TPM 2.0 (check status) requires the system BIOS to be in native UEFI mode only. Disable any legacy functions, modes, or settings.  
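
The read-only checks described so far (Get-TPM status, the System log search, and the UEFI requirement) can be collected in one pass before trying the fixes below that change system state. This is an added example, not part of the original post; the function name Get-TpmTriage, the 30-day window, and the output layout are assumptions.

```powershell
#Requires -RunAsAdministrator
# Read-only TPM triage: status, firmware mode and recent TPM-related events.
# Get-TpmTriage, the 30-day default and the output fields are assumptions of this example.

function Get-TpmTriage {
    param(
        [int]$Days = 30   # how far back to search the System log
    )

    # 1. Security processor status (same data as Security Processor Details)
    $tpm = Get-Tpm

    # 2. Firmware mode: TPM 2.0 expects native UEFI, not legacy BIOS mode
    $firmware = (Get-ComputerInfo -Property BiosFirmwareType).BiosFirmwareType

    # 3. Critical/Error/Warning events that mention TPM in the System log.
    #    Filtering on level and time in the hashtable avoids reading the whole log.
    $filter = @{
        LogName   = 'System'
        Level     = 1, 2, 3
        StartTime = (Get-Date).AddDays(-$Days)
    }
    $events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -match 'TPM' })

    [pscustomobject]@{
        TpmPresent     = $tpm.TpmPresent
        TpmReady       = $tpm.TpmReady
        LockedOut      = $tpm.LockedOut
        RestartPending = $tpm.RestartPending
        FirmwareType   = $firmware
        UefiOk         = ($firmware -eq 'Uefi')
        EventCount     = $events.Count
        # Group by source and event ID so recurring errors stand out
        EventSummary   = $events |
            Group-Object ProviderName, Id |
            Sort-Object Count -Descending |
            Select-Object Count, Name,
                @{ n = 'Latest'; e = { ($_.Group | Sort-Object TimeCreated)[-1].TimeCreated } }
    }
}

$result = Get-TpmTriage
$result | Format-List TpmPresent, TpmReady, LockedOut, RestartPending, FirmwareType, UefiOk, EventCount
$result.EventSummary | Format-Table -AutoSize
```

Saving this output before clearing the TPM or resetting power gives a baseline to compare against after each remediation step.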

Clear TPM 

TPM security processors include their own sealed storage. Occasionally that storage becomes corrupted. Clearing the TPM storage is done with the Security Processor Details page or the TPM MMC (see Status section). It can also be done via PowerShell (Clear-TPM in an admin console). 

  • You should back up a system before clearing the TPM. Data loss is possible in certain situations. 
  • Windows Hello will not function after clearing TPM storage and needs to be reconfigured. 

Reset Power 

Often a full power loss will restore TPM functionality to systems that cannot detect their TPM security processor. “TPM is missing” or “not detected” status messages from either the BIOS or Windows Status warrant the following procedure. It is important to remove all power and fully drain any capacitors or other power supply available to the TPM chip; a reboot or shutdown is not sufficient.  

  • Shut down the system 
  • Unplug the Power Cable or Power Supply 
  • Remove any batteries from laptops. 
  • Disconnect any UPS or USB power.  
  • Hold down the Power button for a minimum of 30 seconds. 
  • Re-connect power cords, power supplies, UPS, or USB power. 
  • Power on the system and check the TPM status.   

Further Documentation 

If you are unable to resolve TPM issues after completing these steps you should contact your system’s or motherboard manufacturer’s technical support. There is likely a hardware issue that may require replacement. It is possible to disable the TPM function in your system BIOS. Be sure to decrypt disks and turn off features that require it (Windows Hello) first.

About Kevin Trent

IT professional with almost 30 years of experience in Infrastructure, Architecting, Administration, Development, and Communications.
