The other day, my father, my technology leader, mentioned in passing that he had read online that Windows 11 should not be used and that the operating system was not accepted.

Dad was right. Now he is more of an Apple user – I have him in my phone plan to support his technical needs, he uses an iPhone and has an iPad. As its needs have changed, its dependence on Windows devices has decreased. In fact, his current needs for Windows include applications that are not on the Apple platform. (And because he’s a standalone user, not a domain user, many of the achievements of Windows 11 in authentication will not be available to him.)

Computerworld recently noted that Windows 11 uptake is slow, running on just 1.44% of all systems. This is similar to what I see at home and in my office. I have one computer at home, Surface Pro 7, that can run Windows 11. I only have two computers in the office that support Windows 11.

In fact, many users it can not start Windows 11. If this is you and you are wondering why you can’t start Windows 11, you can download Bytejeans tool to find out exactly why. This laptop I use, for example, has a Trusted Platform Module that will support Windows 11. But it doesn’t have virtualization-based (VBS) support on its processor.

Windows 11 ensures that VBS is enabled by default to maintain the integrity of the code imposed by the hypervisor. Although you may argue that in a stand-alone workstation this protection may not be necessary, you will want to make sure that it is enabled in the enterprise. (This is not a new technologybut the mandate is new.)

VBS is required for Protect Windows Defender credentialswhich protects domain credentials on a network. As noted: “Credential Guard is a virtualization-based isolation technology for LSASS that prevents attackers from stealing credentials that can be used to transmit hash attacks. … After compromising the system, attackers often try to retrieve all stored credentials for further lateral movement through the network. The main goal is the LSASS process, which stores NTLM and Kerberos credentials. Credential Guard does not allow attackers to discard credentials stored in LSASS by running LSASS in a virtualized container that even a SYSTEM privileged user cannot access. … The system then creates a proxy process called LSAIso (LSA Isolated) to communicate with the virtualized LSASS process. ”

Copyright © 2022 IDG Communications, Inc.

Previous articleSamsung Galaxy Z Fold 4 will be available in a square shape
Next articleWork, stream and play intermittently with the CyberPower battery backup system