Windows 11: What’s new – the Good, Bad, Ugly & Unknown
Windows 11: What’s new? The single paragraph version for those with short attention spans is a new UI, native Android applications can run on the OS, it forces users to have a connected Microsoft account to setup and run the operating system for the first time, it kills off the stripped back “S mode” and comes with a new end-user license agreement. Oh, and it has more demanding hardware requirements than many expected…
See also: Windows 11’s launch gets messy, as TPM 2.0 confirmed, hardware check application pulled from circulation
Microsoft requires — as it highlights in an updated June 28 blog — hardware that can “enable protections like Windows Hello, Device Encryption, virtualization-based security (VBS), hypervisor-protected code integrity (HVCI) and Secure Boot.” This has, Microsoft suggested, in a line since deleted from its blog, ruled out computers “running on Intel 6th generation and AMD pre-Zen.”
It also comes with deep Teams integration, which has had a radically rethought architecture to boot. (Teams 2.0, coming with Windows 11, will consume half the memory of the same consumer account on Teams 1.0, said engineering lead Rish Tandon, adding that with the revamp, Teams is “moving away from Electron to Edge Webview2” and is ditching Angular: “We are now 100% on reactjs.” More enteprise details will follow.)
Admins will be able to upgrade to Windows 11 using “existing deployment and management tools at no cost when the upgrade reaches general availability” Microsoft noted — that’s “later” this calendar year.
Feature updates will be yearly, rather than twice yearly; patches continue to be monthly. You can read Microsoft’s Windows 11 notes here which include guidance for those running fleets of Windows boxes.
Wait, Android Apps on Windows 11, What?
A big part of Microsoft’s Windows 11 release was an all-singing new Microsoft App Store. (“We’re excited to soon be welcoming leading first and third-party apps like Microsoft Teams, Visual Studio, Disney+, Adobe Creative Cloud, Zoom and Canva to the Microsoft Store” MSFT said in a press release).
The company is also “pumped” to announce it is “bringing Android apps to Windows for the first time. Starting later this year, people will be able to discover Android apps in the Microsoft Store and download them through the Amazon Appstore” it said. This is thanks to a “partnership with Amazon and Intel using their Intel Bridge technology”. The latter is a runtime post-compiler that enables such applications to run natively on x86-based devices, including running those applications on Windows, Intel explained.
What about Enterprise Support, Compatibility?
Enterprise and Education editions of Windows 11 will be supported for 36 months from GA. Home, Pro, Pro for Workstations, and Pro for Education editions of Windows 11 will get 24 months. Devices on in-service versions of Windows 10 will continue to receive monthly Windows 10 security updates through 2025.
Will it break your enterprise applications? Hopefully not. “Windows 10 compatibility rates are over 99.7% for enterprise organizations, including line of business (LOB) apps” Microsoft said. Deeper Teams integration meanwhile means users will now be able to mute and unmute video or voice calls directly from the Window 11 Taskbar’s system tray. (The little buttons in the bottom right of your screen…)
Windows 11 Hardware Requirements
Windows 11 is not supported on 32-bit architecture. Most other kit that’s less than 24 months old should work. Windows 11 hardware requirements are as follows: Processor: 1 gigahertz (GHz) or faster with two or more cores on a compatible 64-bit processor or system on a chip (SoC). RAM: 4 gigabytes (GB) or greater. Storage: 64 GB* or greater available storage is required to install Windows 11. Graphics card: Compatible with DirectX 12 or later, with a WDDM 2.0 driver. System firmware: UEFI, Secure Boot capable. TPM: Trusted Platform Module (TPM) version 2.0. Display: High definition (720p) display, 9″ or greater monitor, 8 bits per color channel.
Windows 11 Security
Arguably curiously, the Windows 11 release notes to-date suggest few details on any security improvements, merely noting that it will be “the most reliable, secure, connected, and performant Windows operating system ever.” IT admins mightily tired of patching regular critical remote code execution (RCE) bugs will be pleased: the number of annual Microsoft vulnerabilities has risen 181% in five years, with Windows (the most bug-riddled product) suffering 907 software security issues in 2020; 132 critical.
Windows 11 will feature “new built-in security technologies that will add protection from the chip to the cloud, while enabling productivity and new experiences. Windows 11 provides a Zero Trust-ready operating system to protect data and access across devices. We have worked closely with our OEM and silicon partners to raise security baselines to meet the needs of the evolving threat landscape and the new hybrid work world”.
(Microsoft responded to questions from The Stack about this rise in vulns and general QA recently with the highly detailed comment that “we take security seriously, which is reflected in the successful efforts we’ve made in addressing vulnerabilities to protect customers.“)
Windows 11: MSA Accounts Mandatory
In a move that may trouble some, Microsoft will require users to have an internet-connected Microsoft Account (MSA) for the first time to set up the latest version of the free Operating System: Windows 10 tries to foist this on users too, but it’s still possible, if periodically painful, to only have a local account.
Microsoft engineer Steve Syfuhs was among those defending the move, noting on Twitter: “For the vast majority of users they won’t know any different from Win 10. The problem is that local disconnected accounts lead to so much data loss because there’s no recovery mechanism [that’s user friendly for everyone].”
For those troubled by Microsoft’s telemetry, this may prove unhappy news. Given liberal permission to phone home, a computer running Windows 10 will send Microsoft information about up to 1,200 “events” on the computer, the software, and its user’s behaviour. At any point, approximately 10 teams of engineers will have access to the data harvested, and this collection of telemetry data is dynamic: Microsoft engineers can add new types of events to the telemetry stream without prior notice to users, Dutch analysis shows.
Windows 11 will no doubt, like Windows 10, have ways to switch that off completely for enterprise users and reduce it for consumers. (You can learn more about Microsoft’s Windows 10 policies on that here.) You can read Microsoft’s Windows 11 notes here and its press release here.
Strong opinions on any of the above? Share them with us here or follow and connect on LinkedIn.