Microsoft made security one of Windows 11’s top priorities, a policy that, in addition to providing benefits, also led to some critical situations around planned obsolescence. Despite this, the Redmond giant is willing to continue in the same direction, so he updated Windows 11 22H2 so you can take advantage of Total Memory Multi-Key Encryption (TME-MK) implemented in Intel Alder Lake (12th generation) processors, a technology that is aimed at virtual machines.
As Microsoft explains, TME-MK offers “hardware accelerated DRAM encryption“. This is not a feature exclusive to Intel’s consumer-oriented twelfth-generation processors, as it was previously implemented in server-oriented third-generation Xeon processors. This means that “Azure operating systems, Azure Stack HCI, and now Windows 11 22H2 also take advantage of this next-generation hardware feature.”
Using encryption as a security measure will continue to be important for the company, especially considering that it has “long been an established mechanism to keep data away from prying eyes. By encrypting data at rest, in transit and in use, we can prevent unexpected third parties from gaining access to sensitive information for the lifetime of the data.“.
Microsoft reminds that data at rest is protected by disk encryption technologies, while protocols such as SSL, TLS and HTTPS are used for data transfer. In recent years, various hardware-based data protection technologies have emerged that are used in Azure and are capable of providing an end-to-end encryption scheme. The use of data protection built into PC hardware is one of the reasons for the high demand for Windows 11, and it’s something that’s also being implemented in Linux, although for now as an option and not a requirement.
Another aspect that the Redmond-based corporation remembers is the introduction of Bitlocker in Windows 10, which provides encryption of the data present on the data storage to prevent it from ending up in the hands of a thief who stole a laptop. That being said, we take the opportunity to recommend MuyComputer use disk encryption at least on laptops that leave home, regardless of the operating system, be it Windows, Linux, or macOS.
On the other hand, hackers have researched over the years to be able to, for example, carry out attacks against physical components with which they can recover data from media such as RAM. This is where functions like TME-MK, which relies on hardware acceleration capabilities for the controller to encrypt data before sending it to the DIMM and decrypt it when it needs to be processed.
“Memory controller-based encryption prevents attackers who have physical access to the DRAM from being able to read the memory contents in plain text. TME-MK extends this paradigm by allowing different virtual machines (partitions) to have unique memory encryption keys.”
In short, Microsoft provides additional security improvements to Windows 11 22H2 with the TME-MK implementation. This should come as no surprise to those who have followed the system’s trajectory closely and who understand the security mechanisms that have been introduced into motherboards and processors in recent years.
Source: Muy Computer
Alice Smith is a seasoned journalist and writer for Div Bracket. She has a keen sense of what’s important and is always on top of the latest trends. Alice provides in-depth coverage of the most talked-about news stories, delivering insightful and thought-provoking articles that keep her readers informed and engaged.