Security News > 2021 > January > Windows 10 hardware security enabled by default on new Surface PC

Microsoft has unveiled today the new Surface Pro 7+ for enterprise and educational customers, an ultra-light 2-in-1 device that comes with Windows Enhanced Hardware Security features enabled by default.

The new Surface PC will help defend against escalation of privilege attacks which target sensitive info stored in a device's memory with the help of virtualization-based security and Hypervisor-protected code integrity - also known as Memory Integrity.

The two hardware security features will be turned on by default on all Surface Pro 7+ devices to protect business customers' data.

"For the first time, Surface Pro 7+ ships with Windows Enhanced Hardware Security features enabled out of the box," Robin Seiler, Microsoft Devices Corporate VP, said.

Surface Pro 7+ for Business ships at the end of this week and it joins other recently shipped Surface devices such as Surface Book 3, Surface Laptop Go, and Surface Pro X which also come with HVCI and VBS toggled on out of the box.

Last year, Microsoft issued guidance on how to resolve problems with Windows 10 2004 upgrades being blocked and loading driver issues in Windows 10 caused by the Memory Integrity security feature.

News URL

https://www.bleepingcomputer.com/news/security/windows-10-hardware-security-enabled-by-default-on-new-surface-pc/