MICROSOFT HAS RELEASED a new set of guidelines for Windows 10 customers to follow in order to ensure their device is “highly secure”.
“These standards are for general purpose desktops, laptops, tablets, 2-in-1s, mobile workstations, and desktops,” said Microsoft.
“This topic applies specifically and uniquely for Windows 10 version 1709, Fall Creators Update. Windows enterprise security features light up when you meet or exceed these standards and your device is able to provide a highly secure experience”
Microsoft’s first bit of advice is that “systems must be on the latest, certified silicon chip for the current release of Windows,” a list which includes Intel’s 7th-generation Intel Core i3, i5, i7, i9, M3, and Xeon processors, as well as current Intel Atom, Celeron and Pentium processors.
This means that Microsoft is basically admitting that its own Surface Pro 4 device, which comes powered by a 6th-gen Intel Core chip, doesn’t meet its own security standards.
The Surface Pro 4 isn’t the only Windows 10 device that won’t meet Microsoft’s stringent guidelines, as the firm also requires systems to have at least 8GB RAM, a Trusted Platform Module (TPM) and a 64-bit processor so that Windows can take advantage of Virtualisation-based security, which uses the Windows hypervisor that only works on 64-bit chips.
In order to earn Microsoft’s ‘highly secure’ bad of approval, the firm is also demanding platform boot verification, a feature that prevents the computer from loading firmware that was not designed by the system manufacturer support. Support for Intel VT-d, AMD-Vi, or ARM64 SMMUs is also required in order to take advantage of Input-Output Memory Management Unit (IOMMU) device virtualisation.
To use Second Layer Address Translation, (SLAT), processors should support Intel Vt-x with Extended Page Tables (EPT) or AMD-v with Rapid Virtualisation Indexing (RVI).
Finally, the system needs to have at least 8GB of RAM, for some reason. µ
Source : Inquirer