Event banner

AMA: Windows 11 upgrade paths and deployment tools

Event Ended
Wednesday, Jul 21, 2021, 04:00 PM PDT
Online

Event details

Are you planning your migration from Windows 10 to Windows 11? Are you unsure which tools you should use to help with the migration? Join our panel of experts and get your questions answered! We'll h...
Heather_Poulsen
Updated Dec 27, 2024
AMA
Dylan_Snodgrass's avatar
Dylan_Snodgrass
Silver Contributor
Jul 21, 2021

Welcome to the Windows 11 upgrade paths and deployment tools Ask Microsoft Anything (AMA)! This live hour gives you the opportunity to ask questions and provide feedback to the engineering and product teams building Windows. Introduce yourself by replying to this thread. Post each question in the Comment on this event… box above.

Dasein's avatar
Dasein
Copper Contributor
Aug 25, 2021
Also I wonder what the word was for Zen 1/7th Gen Intel since last time Microsoft was saying that they were investigating "experience" which to me is fine and im even typing this from my Win 11 Machine that has a Ryzen 1000 CPU in There's not been any communication since that comment on "experience" however 😕 Security-wise I can't see a clear enough line from accepted CPU's and rejected ones which honestly felt like an arbitrary line in the sand, people who bought new surface products would automatically be stuck with Windows 10 even if they dont want to be until they can upgrade again. Zen 1/Gen 7 wasn't that long ago 😞
  • Kasper Jensen's avatar
    Kasper Jensen
    Brass Contributor
    Aug 26, 2021

    The line is drawn because Gen 8/Zen 2 (technically Gen 7 too) are the first processors to support http://borec.ch/the-potential-performance-impact-of-device-guard-hvci/, a hardware feature to speed up HVCI, a security feature used for kernel driver validation and for some enterprise security features such as WDAG/Device Guard and force-enabled on Windows 11.

    Without MBEC on the processor, HVCI is much slower and somewhat cripples the CPU, therefore the "experience" argument from Microsoft.

     

    Opinion: Microsoft have been shady about this from the very start, with no official explanation and false arguments (no, Secure Boot, VBS and HVCI enabled but unconfigured will not stop https://www.microsoft.com/security/blog/2021/01/11/new-surface-pcs-enable-virtualization-based-security-vbs-by-default-to-empower-customers-to-do-more-securely/).

    I think HVCI in isolation is useless for consumers and small businesses alike as malicious kernel drivers or Mimikatz usage is not going to be the primary focus for attackers when the user is local admin already.

    • Dasein's avatar
      Dasein
      Copper Contributor
      Aug 27, 2021
      Also wasn't Windows 10 meant to be the last version of Windows? Did something change there? 🤔
      • Kasper Jensen's avatar
        Kasper Jensen
        Brass Contributor
        Aug 27, 2021

        That was always an urban legend - one engineer overspoke to a journalist and it blew up from there.

        We've always known that Windows 10 would only be supported for 10 years, https://web.archive.org/web/20150728070925/http://windows.microsoft.com/en-us/windows/lifecycle at the RTM release of Windows 10 1507 showing the 2025 support end date.

Date and Time
Jul 21, 20214:00 PM - 5:00 PM PDT