Microsoft Highlights Benefits of Windows 11 TPM and VBS Features

Windows requirements

VBS and TPM 2.0 are mandatory for Windows 11 devices and Microsoft is now demonstrating what these security features can do. 

 There’s been a lot of discussions recently about Windows 11, including the powerful new security features. One of the main features is Virtualization-based security (VBS) and Trusted Platform Module (TPM 2.0). A lot of the discussion is around how these features will prevent devices without them from accessing Windows 11. 

All of this has created controversy, mostly because Microsoft is enforcing these updates. In fact, the company has made it clear that devices without these features will never be able to get feature or security updates again if they update to Windows 11. 

Microsoft is defending the inclusion of TPM 2.0 & VBS in Windows 11 and highlighting some of the benefits for this latest generation of their operating system. Both features are available on Windows 10, but Microsoft does not require them on their legacy platform. 

David Weston, Partner Director of Enterprise and OS Security for Microsoft, has spoken about how TPM 2.0 and VBS can protect your business against hackers. Without these security measures, threat actors would be able to bypass security to access machines. 

In the above video, Weston shows how hackers can exploit a device without TPM 2.0 or VBS by utilising remote or local attacks. The video shows how it’s possible to use a security flaw in a remote desktop protocol (RDP) port to gain admin access. From there, you could distribute malware/ransomware to and from the computers. 

Of course, the above is for a Windows 10 machine without VBS and TPM 2.0. 

The video is well worth watching. It also shows how local exploitation is possible by targeting fingerprint authentication if no VBS is available. 

Tip of the Day

To prevent attackers from capturing your password, Secure Sign-in asks the user to perform a physical action that activates the sign-in screen. In some cases, this is a dedicated “Windows Security” button but in Windows 10 most often this is Ctrl + Alt Del key.

Are you thinking of switching to Windows 11? Get in touch with one of our IT experts to find out more.

Share on facebook
Share on twitter
Share on linkedin
Share on whatsapp