Moving a vTPM enabled VM (e.g. Windows 11) to a host running 8.0 U3 may cause the following behavior:

• Applications within the Guest OS stop authenticating with TPM
• When running PowerCLI command Get-TpmSupportedFeature, nothing is returned.

VMware vSphere ESXi 8.0.3

This is due to a new backend feature enablement for vTPM. Due to this new feature, additional flags were added for vTPM in 8.0 U3 that were not present in previous versions. When the VM migrates from an older version to 8.0 U3, these new values result in a null hierarchy disable, causing vTPM to have issues.

This will be fixed in upcoming releases. 

Workaround

The following workaround steps can be taken in the meantime:

1. Power on and keep the VM on an 8.0 U3 host exclusively.
2. Set up anti-affinity rules to keep the VM away from an 8.0 U3 host.
3. Power cycle the VM with TPM after a migration to 8.0 U3.

Get-TpmSupportedFeature

What Is a Virtual Trusted Platform Module