Event banner

AMA: Windows 11 upgrade paths and deployment tools

Event Ended
Wednesday, Jul 21, 2021, 04:00 PM PDT
Online

Event details

Are you planning your migration from Windows 10 to Windows 11? Are you unsure which tools you should use to help with the migration? Join our panel of experts and get your questions answered! We'll h...
Heather_Poulsen
Updated Dec 27, 2024
AMA
Dylan_Snodgrass's avatar
Dylan_Snodgrass
Silver Contributor
Jul 21, 2021

Welcome to the Windows 11 upgrade paths and deployment tools Ask Microsoft Anything (AMA)! This live hour gives you the opportunity to ask questions and provide feedback to the engineering and product teams building Windows. Introduce yourself by replying to this thread. Post each question in the Comment on this event… box above.

  • Dasein's avatar
    Dasein
    Copper Contributor
    Aug 25, 2021
    Also I wonder what the word was for Zen 1/7th Gen Intel since last time Microsoft was saying that they were investigating "experience" which to me is fine and im even typing this from my Win 11 Machine that has a Ryzen 1000 CPU in There's not been any communication since that comment on "experience" however πŸ˜• Security-wise I can't see a clear enough line from accepted CPU's and rejected ones which honestly felt like an arbitrary line in the sand, people who bought new surface products would automatically be stuck with Windows 10 even if they dont want to be until they can upgrade again. Zen 1/Gen 7 wasn't that long ago 😞
    • Kasper Jensen's avatar
      Kasper Jensen
      Brass Contributor
      Aug 26, 2021

      The line is drawn because Gen 8/Zen 2 (technically Gen 7 too) are the first processors to support http://borec.ch/the-potential-performance-impact-of-device-guard-hvci/, a hardware feature to speed up HVCI, a security feature used for kernel driver validation and for some enterprise security features such as WDAG/Device Guard and force-enabled on Windows 11.

      Without MBEC on the processor, HVCI is much slower and somewhat cripples the CPU, therefore the "experience" argument from Microsoft.

       

      Opinion: Microsoft have been shady about this from the very start, with no official explanation and false arguments (no, Secure Boot, VBS and HVCI enabled but unconfigured will not stop https://www.microsoft.com/security/blog/2021/01/11/new-surface-pcs-enable-virtualization-based-security-vbs-by-default-to-empower-customers-to-do-more-securely/).

      I think HVCI in isolation is useless for consumers and small businesses alike as malicious kernel drivers or Mimikatz usage is not going to be the primary focus for attackers when the user is local admin already.

      • Dasein's avatar
        Dasein
        Copper Contributor
        Aug 27, 2021
        Also wasn't Windows 10 meant to be the last version of Windows? Did something change there? πŸ€”
Date and Time
Jul 21, 20214:00 PM - 5:00 PM PDT