This makes a person wonder who, exactly, works for who these days!! I HOPE Microsoft is listening, being they are shooting themselves in the foot with TPM / CPUs for Windows 11.
The active exploitation of all the discovered vulnerabilities can’t be detected by firmware integrity monitoring systems due to limitations of the Trusted Platform Module (TPM) measurement. The remote device health attestation solutions will not detect the affected systems due to the design limitations in visibility of the firmware runtime.
https://www.binarly.io/posts/An_In_Depth_Look_at_the_23_High_Impact_Vulnerabilities/index.html