- Windows 11 steps up its security compared to Windows 10.
- Windows 11 defenses have been beefed up with critical security features.
- Expect TPM 2.0 to be among the top security features.
There has been a lot of hype around Windows 11, and it seems users stand to benefit from an array of features when they make the switch. Recently, a lot of applications have been getting updates to fit in with Windows 11.
Now, the security features have also been beefed up to seal the deal. There have been a lot of bugs in the preview builds released, but that will be a thing of the past when you make the switch.
Let’s look into detail why Windows 11 will be the most secure OS than its previous counterparts.
You may have probably heard about TPM 2.0 requirements and how Microsoft has made it a requirement for some applications if users want to use Windows 11.
It has become a bit controversial as some support the move while others are against it. Well, the reason behind that is security!
TPM chips have been around for a while, but they are only being taken seriously since recently. A TPM stores important credentials to authenticate users, software, and devices.
TPM 2.0 is therefore being used to secure the login process. The reason behind using TPM 2.0 and not TPM 1.2 is because it has better cryptographic algorithms and will prevent data breaches.
In Windows 11, Microsoft has incorporated Virtualization-based Security. The main aim of this feature is to protect security solutions by creating an isolated and secured segment in the system memory.
The isolation process targets information that is vulnerable to cyber-attacks. Although VBS is also available on Windows 10, it is not set by default. In Windows 11, it will be set by default and mitigate the risk, especially by admins who may fail or forget to set it.
Hypervisor-protected Code Integrity is part of a VBS feature. Its work is to protect the isolated system memory created by VBS. It ensures the Windows kernel is not compromised. Many attackers heavily rely on kernel mode to gain access.
Although HVCI is part of Windows 10, it degrades its performance by using older CPUs. It is why Microsoft has come up with dedicated hardware specifically for HVCI and requires 8th gen or above AMD CPUs for Windows 11.
4. The UEFI Secure Boot
By default, all Windows 11 devices come pre-installed with UEFI Secure Boot. This makes it more secure than Windows 10.
An important disclaimer is that if your windows security system or protocols were compromised before the boot, UEFI secure boot would be useless.
The catch to enjoying these security benefits is to get a new PC that supports all these requirements or one of the latest released Surface devices such as the Surface Laptop Studio.
Does your PC meet the requirements to run Windows 11? Let us know in the comments down below.