Read the affiliate disclosure page to find out how can you help Windows Report effortlessly and without spending any money. Read more
- Windows 11 version 22H2 just received a new huge security upgrade, according to Redmond.
- Intel’s Total Memory Encryption Multi-Key (TME-MK) is now available on Windows 11 22H2.
- TME-MK is available on Intel’s 3rd Gen Xeon scalable Ice Lake CPUs, and Intel 12th Gen Alder Lake.
The Redmond tech company explained why features like TPM 2.0 and Virtualization-based Security (Core Isolation) play a key role on Windows 11 and also demoed hacking attacks on mock systems.
In case you were wondering why, know that with the launch of Windows 11 version 22H2, Microsoft detailed the security features users can expect in the new feature update.
Windows 11 version 22H2 is now more secure on Intel CPUs
In a brand new blog post, the PM Manager at Azure and Windows OS Platform confirmed this new development.
Hardware-wise, TME-MK is available on Intel’s 3rd Gen Xeon scalable Ice Lake CPUs, and Intel 12th Gen Alder Lake processors on the client side.
Keep in mind that TME-MK is available in Intel 3rd Generation Xeon server processors and Intel 12th Generation Core client processors.
That being said, Azure, Azure Stack HCI, and now Windows 11 22H2 operating systems also take advantage of this new generation hardware feature.
Another important detail here is that TME-MK is compatible with Gen 2 VM version 10 and newer. You can check out the list of Guest OS’s supported in Gen 2, right here.
How can I enable multi-key total memory encryption?
If you want to boot a new VM with TME-MK protection, assigning it a unique encryption key from other partitions, use the following PowerShell cmdlet:
Set-VMMemory -VMName -MemoryEncryptionPolicy EnabledIfSupported
Now, in order to verify a running VM is enabled and using TME-MK for memory encryption, you can use the following Powershell cmdlet:
Get-VmMemory -VmName | fl *
Please keep in mind that the following return value would describe a TME-MK protected VM:
MemoryEncryptionPolicy : EnabledIfSupported
MemoryEncryptionEnabled : True
If you need more information on the matter, be sure to check the official blog post we linked above and take your time when going through the process.
Microsoft said that Windows will continue to evolve and adopt modern defense-in-depth capabilities to continue protecting users.
Truth be told, Windows 11 did come a long way since its beginnings and we are all eager to see what the future has in store for us.
Have you tried this new security capability on your Windows 11 22H2 machine? Share your experience with us in the comments section below.