Previous versions of the Windows system contained some security holes and vulnerabilities, and for that, Microsoft worked to double the security in the new Windows 11 version..
This is done by including several key security features to protect the user and their data from exploitation.
Security features in Windows 11
Support for the TPM chip to install Windows 11
Since Microsoft announced that installing Windows 11 requires TPM 2.0 chip support, this topic has become somewhat controversial.
This is because this chip is present in most Windows computers, but hardware manufacturers have not enabled it by default.
It is a security chip that encrypts and stores encryption keys and passwords, and the TPM chip uses the stored objects to identify and authenticate devices.
For example, using Windows Hello in Windows 11 requires this chip to secure the login process. This is because this slide support Better encryption algorithms.
Also Read: How To Make Sure Your Computer Can Run Windows 11
Virtualization based security
Microsoft has included the virtualization-based security feature (VBS) in Windows 11.
The feature is intended to protect security solutions from exploits by hosting these solutions within an isolated, secure portion of system memory.
This means that the VBS feature takes a large portion of system memory, isolates it from the rest of the operating system, and uses that space to store security solutions.
By doing so, Microsoft protects security solutions that are the primary targets of most cyberattacks.
Safety of protected code
Code integration protected by HVCI It is a feature of VBS. which protects the isolated system memory environment it creates by making sure that it is not hacked Windows kernel Also known as the brain of the operating system.
Since many exploits rely on the use of kernel mode to gain access to the system, HVCI does a critical job of ensuring that the kernel is secure and cannot be used to exploit the system.
If Windows starts to boot with bad code, cybercriminals can bypass all security measures. Then UEFI Secure Boot ensures that this does not happen by verifying that your computer only starts with code from a trusted source.
This source could be the computer manufacturer, the company that made the processor, or even Microsoft itself.