In Windows 11, Microsoft took the controversial step of requiring certain hardware security functionality by default. With the second version, called 22H2, the software giant is enabling additional security features by default, for both consumers and business users.
“[PCs] running Intel 8th generation chipsets and higher will have virtualization-based security (VBS) and hypervisor-protected code integrity (HVCI) enabled by default [in Windows 11 version 22H2],” Microsoft general manager Wangui McKelvey explains. These two technologies protect you from both common malware and ransomware, as well as more sophisticated attacks.”
In addition, a new feature called Smart App Control will be enabled by default on new PCs running Windows 11 version 22H2. This prevents users from running malicious code by using AI to block untrusted or unsigned applications. And you can enable it on existing PCs by performing a PC Reset/clean install.
Microsoft has also enabled several other new security features for enterprises and other managed businesses. You can learn more in Microsoft Promises Business a Frictionless Upgrade to Windows 11 22H2.