Just what does Windows 11 bring to the table?


The other day, my Dad — my bellwether for technology — mentioned in passing that he’d read online that Windows 11 shouldn’t be used and that the operating system wasn’t being adopted.

Dad had a point. He’s more of an Apple user now — I have him on my phone plan to support his tech needs, and he uses an iPhone and has an iPad. As his needs have changed, his reliance on Windows devices has decreased. In fact, his current Windows needs involve applications not on the Apple platform. (And because he’s a standalone user, not a domain user, many of the advances in Windows 11 having to do with authentication won’t be available to him.)

“Computerworld” recently noted that the uptake of Windows 11 was moving slowly, with it running on just 1.44% of all systems. This is similar to what I see at home and in my office. At home I have a single computer, a Surface Pro 7, that can run Windows 11. At the office, I only have two computers that support Windows 11.

A lot of users actually can’t run Windows 11. If that’s you, and you’re curious about why you can’t run Windows 11, you can download the Bytejeans tool to find out exactly why. The laptop I use, for example, has a Trusted Platform Module that will support Windows 11. But it doesn’t have Virtualization Based Security (VBS) support in its processor.

Windows 11 ensures that VBS is enabled by default to support Hypervisor-Enforced Code Integrity. While you could argue that in a standalone workstation this protection may not be needed, in the enterprise you’ll want to ensure it is enabled. (This is not a new technology, but the mandate is new.)

VBS is needed for Windows Defender Credential Guard, which protects domain credentials in a network. As noted: “Credential Guard is a virtualization-based isolation technology for LSASS which prevents attackers from stealing credentials that could be used for pass the hash attacks. …After compromising a system, attackers often attempt to extract any stored credentials for further lateral movement through the network. A prime target is the LSASS process, which stores NTLM and Kerberos credentials. Credential Guard prevents attackers from dumping credentials stored in LSASS by running LSASS in a virtualized container that even a user with SYSTEM privileges cannot access. …The system then creates a proxy process called LSAIso (LSA Isolated) for communication with the virtualized LSASS process.”
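To see whether a given machine is actually running the protections described above, this added PowerShell example (not part of the original column) reads the `Win32_DeviceGuard` WMI class and reports the state of VBS, HVCI and Credential Guard. The function name `Get-VbsPosture` and the constructed `$sample` object are assumptions made for illustration.

```powershell
# Added example. Get-VbsPosture and $sample are hypothetical names, not a Microsoft cmdlet.
function Get-VbsPosture {
    param(
        # Win32_DeviceGuard-shaped object; queried from the local machine when omitted.
        $DeviceGuard
    )
    if (-not $DeviceGuard) {
        $DeviceGuard = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
            -ClassName Win32_DeviceGuard -ErrorAction Stop
    }

    # Value meanings as documented for Win32_DeviceGuard.
    $vbsStates  = @{ 0 = 'Not enabled'; 1 = 'Enabled, not running'; 2 = 'Enabled and running' }
    $configured = @($DeviceGuard.SecurityServicesConfigured)   # 1 = Credential Guard, 2 = HVCI
    $running    = @($DeviceGuard.SecurityServicesRunning)
    $available  = @($DeviceGuard.AvailableSecurityProperties)  # 1 = hypervisor, 2 = Secure Boot

    $cgConfigured = $configured -contains 1
    $cgRunning    = $running -contains 1

    [pscustomobject]@{
        VbsStatus                 = $vbsStates[[int]$DeviceGuard.VirtualizationBasedSecurityStatus]
        HypervisorSupport         = $available -contains 1
        SecureBootAvailable       = $available -contains 2
        HvciConfigured            = $configured -contains 2
        HvciRunning               = $running -contains 2
        CredentialGuardConfigured = $cgConfigured
        CredentialGuardRunning    = $cgRunning
        # Policy asks for Credential Guard but LSASS is not isolated: worth investigating.
        CredentialGuardGap        = ($cgConfigured -and -not $cgRunning)
    }
}

# Constructed sample: VBS and HVCI are running, Credential Guard is configured but not running.
$sample = [pscustomobject]@{
    VirtualizationBasedSecurityStatus = 2
    SecurityServicesConfigured        = @(1, 2)
    SecurityServicesRunning           = @(2)
    AvailableSecurityProperties       = @(1, 2, 3)
}
Get-VbsPosture -DeviceGuard $sample | Format-List

# On a real Windows 10/11 machine, query the live state instead:
# Get-VbsPosture | Format-List
```

On the constructed sample, `CredentialGuardGap` is `True`, which is the case an enterprise fleet check should surface: the setting is deployed, but credentials in LSASS are not being isolated.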

Copyright © 2022 IDG Communications, Inc.


