And while Redmond has defended these system requirements, we have not seen them put to test.
Proof, as they say, is in the pudding.
And a recent Microsoft Mechanics video showcases these very security features of the new operating system, with the company going so far as to show how this watertight security works by hacking into a Windows 11 PC for all to see.
Do so below:
Dave Weston, who you may know as the chap who most recently put his weight behind technologies like TPM 2.0 and VBS is doing the talking here. Microsoft’s own security expert explains the reasoning behind these new security features in this 17-minute clip.
The idea being to protect Windows 11 devices against modern malware and other types of attacks, which as the video shows are very much possible by turning these new security features off.
Showcased, is how remote desktop connections can leave PCs open to remote hacks if security options like TPM and Secure Boot are not enabled.
In addition, the video also highlights the benefits of virtualization-based security and enhanced sign-in security, whereby turning them off can leave a machine vulnerable for in-person physical hacking via direct memory access in Thunderbolt.
He uses a device connected to the victim PC to spoof a fingerprint, and then logs into that computer using just a gummy bear.
The moral of the story is that security features in Windows 11 like virtualization-based security, encryption keys, signature and code, are all separated by hardware from the operating system. This, in turn, makes previous physical hacks impossible.
And when you add technologies like UEFI, Secure Boot, Trusted Boot, and TPM, then you have your waterproof defense against rootkits and boot kits.