Microsoft's new Windows 11 has a ton of security-based features baked into it like Trusted Platform Module (TPM 2.0), Virtualization-based Security (VBS), and more, which - much to the annoyance of certain users - have lead to some strict system requirements. While they were still present in Windows 10, they weren't however enforced on users unlike now in Windows 11.
The company though has defended its position and recently, David Weston, Partner Director of Enterprise and OS Security at Microsoft, explained why these features have played a key role in ensuring a secure experience for Windows 11 users.
Not just that but the firm also presented a video demo - starring Weston - that shows how potential hackers could easily gain access to such vulnerable machines that don't have these features. The video shows how hackers can gain control of a vulnerable device both remotely or locally to infect such systems with malicious payloads like ransomware or steal user authentication data. The video is meant to really drive the point home that such features are indeed crucial for a secure Windows 11 environment.
The first part of the video shows the successful exploitation of a vulnerable open remote desktop protocol (RDP) port to gain administrator access and distribute mock ransomware on a Windows 10 PC that didn't have TPM 2.0 and Secure Boot enabled.
After that, Weston demonstrates local exploitation of the user login via fingerprint authentication process on a PC without VBS. A PCILeech was used to gain access to the memory on the vulnerable system and modify the biometric authentication code that can let a potential attacker bypass the biometric authentication process.
You can watch the full video and find more details in the source link below.
Source: Microsoft Mechanics (YouTube)
77 Comments - Add comment