Call4Cloud | MMP-C | Autopilot | Device Preparation

Mastering Device Compliance: The Game-Changing Tpm-PreAttestationHealthCheck in Windows 24H2

Patch My Pc | install & update thousands of apps

This time, we’re diving back into Device Health Attestation (DHA). With Windows 24H2, there’s a new addition worth mentioning: a scheduled task called Tpm-PreAttestationHealthCheck. This task is a game-changer when it comes to troubleshooting those pesky Compliance Health Attestation issues, making the whole process a bit more manageable.

1. Introduction

When configuring Compliance policies, it is always smart to require Bitlocker and Secure boot on the device. You could do so by configuring the corresponding Windows Health Attestation Service evaluation rules.

configuring the Windows Health Attestation Service evaluation rules and require bitlocker and secure boot

Once the compliance policies are delivered to your device and it has undergone a reboot to communicate the latest PCR values (in which Bitlocker was enabled), it should become compliant (eventually).

Afbeelding met tekst, schermopname, Lettertype, lijn  Automatisch gegenereerde beschrijving

Unfortunately, there are some scenarios in which this doesn’t happen, and we end up with a non-compliant device, and with it, it could lose access to the data stored in Microsoft 365. Some time ago, I wrote a dedicated blog in which some devices didn’t come compliant because they could not retrieve the device health certificate. (DHA-Encrypted-Data)

Health Attestation Certificate | Bitlocker | Secure Boot (call4cloud.nl)

In that blog, I showed you how you could troubleshoot such kinds of issues. While working on a new (with the same error) health attestation issue with Pluton devices, I stumbled upon a new task scheduled on my insider preview VM. (Now available in 24h2)

 a new scheduled task called Tpm-PreAttestationHealthCheck showed up in the TPM tasks

This task’s name is Tpm-PreAttestationHealthCheck. Based on its name, it seems to perform pre-attestation health checks to ensure everything is good to go before we start looking at this new scheduled task, a quick Health Attestation CSP Refresher.

2. Health Attestation CSP.

If we want to know more about this task, Tpm-PreAttestationHealthCheck, we first need to refresh our knowledge about the Health Attestation CSP. To do so, you could take a look at this blog:

Device Health Attestation Flow | DHA | TPM | PCR | AIK (call4cloud.nl)

Or start reading the summary below.

When we take a look at some of the core functions of the Windows Health Attestation CSP, we will notice that this task is responsible for

  • Collecting data to verify a device’s health status.
  • Sending this data to the Health Attestation Service.
  • Managing the Health Attestation Certificate received from the Health Attestation Service.
  • Forwarding the Health Attestation Certificate and related runtime information to MDM servers for verification.
  • During health attestation sessions, transmit TCG logs and PCR values measured during boot to the Health Attestation Service via a secure channel.
  • When an MDM server confirms a device’s attestation with the Health Attestation Service, it receives information about how it booted without rebooting between attestation and validation.

So, it’s safe to say that the Windows Health Attestation Service evaluates health data, generates encrypted health blobs, or produces reports for MDM servers. It verifies TPM attestation and log validity through several steps:

  • Checking reports are signed by trustworthy AIKs.((Attestation Identity Key))
  • Validating the signature over PCR values.
  • Matching logs with PCR values.
  • Examining logs for known or valid security configurations.
 the Windows Health Attestation Service evaluates health data, generates encrypted health blobs, or produces reports for MDM servers. It verifies TPM attestation and log validity through several steps:

Now our Health Attestation CSP knowledge is a bit refreshed, let’s move on to the TpmPreAttestationHealthCheck scheduled task that arrived on our device

3. Tpm-PreAttestationHealthCheck

The latest insider preview Windows build (24h2) created a new task inside the TPM scheduled task folder.

Tpm-PreAttestationHealthCheck

This task, Tpm-PreAttestationHealthCheck, seems responsible for performing some health checks. This task also used the tpmtask.dll to carry out its work.

That makes it way easier! Why? I can open that DLL file and start looking at the function in pseudocode:PreAttestationHealthCheck

PreAttestationHealthCheck

Once I opened PreAttestationHealthCheck, I started reading the code. After spending some time on it, it was clear it was trying to gather all sorts of information. From there on, I first started making a summary of all the pieces of information it checks

It was pretty clear that I stumbled upon 2 new things. I should start adding to my TPM attestation tool . This attestation health check verifies whether the PCRs match and logs the results to the TPM\WMI registry. When we look at the pseudocode, we indeed notice the same thing!

If we open the TPM\WMI registry node, we will spot the PCRInfo in it!!

the TPM\WMI registry keys now contain the PCRInfo

That’s a good health check!! I can use that one! From there on, I noticed something else which could also be very useful when troubleshooting attestation issues.

All the information this pre-attestation health checks gather is logged and exported to a JSON File. This JSON can be found in the c:\windows\logs\measuredboot folder

the c:\windows\logs\measuredboot  now contains a json file with all the information in it that the new Tpm-PreAttestationHealthCheck gathered

If we open that nice JSON, we spot all the checks this new Tpm-PreAttestationHealthCheck scheduled task performs! The JSON is divided into three categories. Checks that are Required, Expected and Informational

the json contains all the information about: 
TpmPresent
TpmMeetsminimumversion
TpmisResponsive
EkCertIsAvailable
TcgLogFound
PcrtsMatchTcgLog
Securebootenabled
  • TpmPresent
  • TpmMeetsminimumversion
  • TpmisResponsive
  • EkCertIsAvailable
  • TcgLogFound
  • PcrtsMatchTcgLog
  • Securebootenabled

I guess querying this JSON when you have issues with Health Attestation is an excellent thing to do!.

4. The Flow

As always, there is a weird and maybe funny mspaint flow with all strings attached.

the Tpm-PreAttestationHealthCheck technincal overview of what and how this scheduled task is gathering its information and outputting it into the JSON

But I am also improving my flows… I start with Paint and end up with a Mermaid flow. Which one do you prefer?

Conclusion

This new scheduled task, called Tpm-PreAttestationHealthCheck, will undoubtedly provide more insights into what goes wrong when health attestation fails. So, if you have attestation issues, check out this JSON first! (afterward, you can contact me… and pass me that JSON)

Leave a Reply

Your email address will not be published. Required fields are marked *

1  +  7  =  

Proudly powered by WordPress | Theme: Wanderz Blog by Crimson Themes.