Windows 11 vs. past/present vulnerabilities



This is a serious question because I really don't know. Not looking to OS bash. Wanting technical answers. 

 

What past/present vulnerabilities would've been stopped dead in their tracks by a TPM, Secure Boot and the explicit CPU requirements for Win11?

Edited by JustGeorge

I don't think anyone knows 100% so I'll throw these out as speculation. TPM and Secure Boot would be a good block against rootkit-based infection, so requiring these could make a system more secure. As for CPU generation, the common thought is it has something to do with Spectre/Meltdown remediations, but who knows.

Well, not directly because of TPM, but if you have a TPM activated you are more likely than not to use BitLocker drive encryption, which means no problem of data leaks if your laptop or PC gets stolen.

8 minutes ago, Tantawi said:

Well, not directly because of TPM, but if you have a TPM activated you are more likely than not to use BitLocker drive encryption, which means no problem of data leaks if your laptop or PC gets stolen.

In that case make TPM a requirement if you want to use that feature, instead of forcing everyone to have it.

12 minutes ago, warwagon said:

In that case make TPM a requirement if you want to use that feature, instead of forcing everyone to have it.

But it is available in all PCs/motherboards shipped since 2015... and what is the percentage of people caring to enable/use it? Not much, I'd say, outside the business environments (heck, believe it or not, even some multi-billion $$ companies' IT departments don't bother to encrypt their employees' laptops).

I think it is a step in the right direction, IMHO.

5 hours ago, Tantawi said:

But it is available in all PCs/motherboards shipped since 2015... and what is the percentage of people caring to enable/use it? Not much, I'd say, outside the business environments (heck, believe it or not, even some multi-billion $$ companies' IT departments don't bother to encrypt their employees' laptops).

I think it is a step in the right direction, IMHO.

stuck with perfectly fine i7 5930/X99 motherboard with TPM 1.3 Connector :(

 

 

36 minutes ago, JustGeorge said:

What about ransomware? Any additional defenses against that scourge?

Partially, see: https://www.microsoft.com/security/blog/2017/06/29/windows-10-platform-resilience-against-the-petya-ransomware-attack/?source=mmpc where Secure Boot can help stop the encryption process if the computer rebooted shortly after infection. Plus other measures.

And while such protection is totally possible to have with Windows 10, the keyword here is to "enforce it" with Windows 11.


Hello,

A couple of attack styles come to mind:

  • Some of the initial round of speculative execution attacks, i.e., first generation of Spectre and Meltdown.
  • Malicious software that infects firmware, such as Mebromi and perhaps even Lojax.

Please keep in mind this is strictly off the top of my head. I was thinking more about types of attacks that might be blocked by a completely working set of TPM + Secure Boot + modern processors with fully-patched microcode.

 

Regards,

 

Aryeh Goretsky

 

When it comes to the topic of TPM and Windows everyone talks about BitLocker, but I'm pretty sure that's not the only thing Windows uses/needs TPM for. Maybe someone should make a detailed list, if MS doesn't have one already.

1 hour ago, George P said:

When it comes to the topic of TPM and Windows everyone talks about BitLocker, but I'm pretty sure that's not the only thing Windows uses/needs TPM for. Maybe someone should make a detailed list, if MS doesn't have one already.

https://docs.microsoft.com/en-us/windows/security/information-protection/tpm/trusted-platform-module-overview#practical-applications
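
Added example, not part of any post in this thread: a PowerShell check that reports whether the features discussed above (TPM, Secure Boot, BitLocker on the OS volume) are actually present and active on a given machine, since having a TPM does not by itself mean any of them is turned on. The function name `Get-PlatformSecurityPosture` and the report field names are made up for this example; it assumes an elevated prompt on Windows 10/11.

```powershell
# Added example (not from the thread). Run from an elevated PowerShell prompt.
function Get-PlatformSecurityPosture {
    $report = [ordered]@{}

    # TPM: is one present and ready, and which spec version does it implement?
    try {
        $tpm = Get-Tpm -ErrorAction Stop
        $report.TpmPresent = $tpm.TpmPresent
        $report.TpmReady   = $tpm.TpmReady
    } catch {
        $report.TpmPresent = "unknown: $($_.Exception.Message)"
    }
    $wmiTpm = Get-CimInstance -Namespace 'root\cimv2\Security\MicrosoftTpm' `
                  -ClassName Win32_Tpm -ErrorAction SilentlyContinue
    # SpecVersion is a comma-separated string; the first field is the spec
    # version (Windows 11 asks for 2.0).
    $report.TpmSpecVersion = if ($wmiTpm.SpecVersion) {
        ($wmiTpm.SpecVersion -split ',')[0].Trim()
    } else { 'unknown' }

    # Secure Boot: the cmdlet throws on a legacy BIOS/CSM boot rather than
    # returning $false, so that case is reported separately.
    try {
        $report.SecureBoot = [bool](Confirm-SecureBootUEFI -ErrorAction Stop)
    } catch [System.PlatformNotSupportedException] {
        $report.SecureBoot = 'not supported (legacy BIOS boot)'
    } catch {
        $report.SecureBoot = "unknown: $($_.Exception.Message)"
    }

    # BitLocker on the OS volume: protection can be Off even with a ready TPM.
    try {
        $vol = Get-BitLockerVolume -MountPoint $env:SystemDrive -ErrorAction Stop
        $report.BitLockerProtection   = [string]$vol.ProtectionStatus
        $report.BitLockerVolumeStatus = [string]$vol.VolumeStatus
        # True when at least one key protector is TPM-backed (Tpm, TpmPin, ...).
        $report.BitLockerTpmProtector =
            [bool]($vol.KeyProtector | Where-Object { $_.KeyProtectorType -like 'Tpm*' })
    } catch {
        $report.BitLockerProtection = "unknown: $($_.Exception.Message)"
    }

    [pscustomobject]$report
}

Get-PlatformSecurityPosture | Format-List
```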
