Windows 11 in a Parallels Desktop VM: An Update

As the expression goes, “May you live in interesting times.”

This is such an interesting time to be a Parallels® customer: macOS Monterey release imminent, Windows 11 released on October 5th, iOS and iPadOS 15 released, Parallels Desktop 16.5 and Parallels Desktop 17 released in 2021, Windows on ARM, TPM chips, M1 Mac computers, Intel Mac computers, high-priority security patches from Apple and Microsoft, and more – with what sometimes seems like daily changes. 

Here are just a few of the recent important points or changes: 

Note: Parallels Desktop 17.1.1 or newer simplifies the setup experience for Windows 11 with automatic download and installation. The process is similar to the installation on Mac computers with Intel processors. Download the latest version.

Parallels Desktop 17 Update Enables vTPM by Default 

Final changes to the system requirements for Windows 11 require a computer, both physical and virtual, with a TPM chip installed. Considering that virtual machines “will continue to work as long as the hardware requirements are met”, Parallels Desktop 17 (starting version 17.1.0) will enable the virtual TPM chip by default for all virtual machines that must have it: 

Consequences of Enabling the TPM Chip 

After adding a virtual TPM chip to a VM, Parallels Desktop creates an encrypted file within the virtual machine bundle that acts as a TPM storage. This storage must be secured, so Parallels Desktop encrypts this file using Advanced Encryption Standard (AES) with 128 bits key length and puts the password in the Mac System Keychain, which, in turn, is encrypted physical storage, and only Parallels Desktop (or Mac admin) can read the TPM password from Mac Keychain. 

Such an implementation ensures that users don’t have to come up with a password and enter it every time they start a VM, plus we humans tend to forget and lose passwords. Users can continue running their virtual machines as usual, up to the moment when one wants to transfer the VM to a new hardware.  

For a VM with TPM chip added, copying the PVM bundle to a new computer is not enough. The VM will NOT start without the corresponding record in the Mac Keychain that contains a password to decrypt the TPM file. It is not quite easy to copy this record to a new Mac, but it is possible. We have prepared detailed instructions on how to do it in this article

Apart from the nuance above, virtual machines will not be affected in any other way – Windows will continue to work as usual, as well as all Windows applications.  

Here are Some of the Questions You Might Be Asking 

Should I install Windows 11 in Parallels Desktop? 

Most Parallels Desktop users run a VM with the latest Windows release, and that is now Windows 11, so the answer is “Yes”, you should have a Windows 11 VM. 

Should I upgrade an existing Windows 10 VM to Windows 11? 

Again, here the answer is “Yes”, for the reasons stated above. 

Should I upgrade from Parallels Desktop 16 or 16.5 to Parallels Desktop 17? 

The new features and the performance improvements in Parallels Desktop 17 are compelling reasons to upgrade. If you currently have an active subscription to Parallels Desktop, upgrading to a new version, at no cost, is one of the main benefits of a subscription, so the answer to this question is also “Yes”. 

Let us know in the forums how the Windows 11 VM in Parallels Desktop is working for you.