But without real clarity around those security capabilities, it's hard to trust that they really are crucial. That actually makes sense, yet Microsoft doesn't spell it out anywhere, and good luck finding any technical details from Intel or AMD explaining the security features of their processors across generations.Īll of this is impenetrable to the average user, which I'm sure is why Microsoft took the "trust us, this will make your PC more secure" route. But no one's actually coming out and explaining that.Īs Ars Technica's Andrew Cunningham writes, the Windows 11 compatibility list mostly includes CPUs that support something called "Mode Based Execution Control"-all you really need to know is that MBEC is what allows newer processors to handle those security features without slowing down. VHS and HVCI, which Microsoft wants enabled on most Windows 11 PCs by default, may run far better on newer CPUs. If you remember the Spectre and Meltdown CPU vulnerabilities discovered back in 2018, you may also remember that some of the fixes could significantly slow down performance on older CPUs. Now we're getting into some security features that may actually differ between CPU generations. Later the post cites that all Windows 11 CPUs should support HVCI, or hypervisor-protected code integrity, and Virtualization Based Security (VBS), which is mandated within the US Department of Defense (ooh, fancy!). It was also pretty suspicious when the single mobile 7th gen CPU Microsoft decided to add to the list happened to be installed in the $3,500 Surface Studio 2 it currently sells.Ī recent Windows 11 blog post says that Microsoft used "more than 8.2 trillion signals from Microsoft’s threat intelligence, reverse engineering on attacks as well as input from leading experts like the NSA, UK National Cyber Security Center and Canadian Centre for Cyber Security to design a security baseline in Windows 11 that addresses increasing threats that software alone cannot tackle." Sorry, but invoking a big number and the NSA doesn't actually convince me that one CPU vs another is going to make my PC virus-proof. With Windows 11 Microsoft has been making a lot of noise about security to justify its TPM 2.0 requirement, but it hasn't adequately explained why, say, Intel's 7th gen Core CPUs are too insecure to include while the 8th gen CPUs are. The security requirements are opaque and the few numbers Microsoft has publicized about stability are vague Likewise, Windows 10 doesn't officially support CPUs like the Haswell i7-4790K, yet I have a PC with one in my house right now that runs Windows 10 perfectly fine. The oldest officially supported Intel CPU for Windows 7 was launched in 2015… five years after Windows 7 came out in 2009. The big problem: The supported CPU list just isn't trustworthyĪs Linus points out in the video above, Microsoft's official CPU compatibility lists don't hold up to much scrutiny.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |