The real reason for Windows 11

I’ve been puzzling over the “why” of Windows 11 for a while now. I’m not the only one. As Computerworld’s Preston Gralla wrote, the Windows 11 release news “was often flat-out wrong or misleading. It may well have been the most botched product announcement in Microsoft’s long history.”

Amen, brother! I’ve covered every Windows launch since Windows 95 rolled out in Atlanta and nothing else comes close. And, yes, I’m counting 95’s Steve Ballmer and Bill Gates dance routine.

So, why is Microsoft releasing this? And why now? Clearly, it’s been done in a hurry. Even a month ago, no one outside of Microsoft saw Windows 11 coming. Microsoft had made it clear that it sees the future of the desktop on the Azure cloud with Microsoft Cloud PC.

It’s not money. Windows 11 will be a “free” upgrade for current Windows 10 users. And it sure isn’t the “Eh” updated interface or new features. I mean, being able to run Android apps on Windows is nice, but the reason for a whole new release? I don’t think so.

So, what’s really going on? After taking a deep dive into what Microsoft is saying and the current, “If it’s Tuesday, there must be a new security disaster” world, I think what Windows 11 is really all about is security.

Even as I write this, there’s another major Windows zero-day popping up — and it’s nasty. PrintNightmare. Yes, your machine can be taken over via an attack on your Windows printer spooler.

Of course, security isn’t sexy. It also means tacitly admitting that Windows 10 is just as much a security mess as ever. But it’s not all Microsoft’s fault. Intel’s security is a mess, as well. Remember the nasty Meltdown and Spectre security bugs. They’re still around, and we’re still dealing with their fallout. Put them together in WinTel, and we have a real mess.

The answer? Microsoft, after confusing everyone about what hardware Windows 11 will or won’t run on, finally revealed what’s what. And, along the way it pulled back the curtain on why it’s doing this. And the answer is, indeed, security.

Windows 11 raises the bar for security by requiring hardware that can enable protections like Windows Hello, Device Encryption, virtualization-based security (VBS), hypervisor-protected code integrity (HVCI), and Secure Boot. These features in  combination have been shown to reduce malware by 60% on tested devices. That’s why all Windows 11-supported CPUs have an embedded TPM, support secure boot, and support VBS and specific VBS capabilities.

What does that mean for us? Bad news. Most of us aren’t going to “upgrade” our Windows 10 systems. Instead, we’re going to buy new PCs.

Specifically, Microsoft says it’s “confident that devices running on Intel 8th-generation processors and AMD Zen 2 as well as Qualcomm 7 and 8 Series will meet our principles around security and reliability and minimum system requirements for Windows 11. As we release to Windows Insiders and partner with our OEMs, we will test to identify devices running on Intel 7th generation and AMD Zen 1 that may meet our principles.”

Note: It didn’t guarantee Windows 11 would run on, say, Intel Coffee Lake CPUs. There’s a big difference between a guarantee and mere confidence.

As for 7th-generation chips such as the Kaby Lake processors, we’re still in the dark. (I honestly can’t see them working well, truth be told.)

Microsoft has also finally made it clear that your PC must have Trusted Platform Module (TPM) 2.0 silicon inside — and your computer’s firmware must also be set so that it’s active. TPM 2.0 is used to generate and protect encryption keys, user credentials, and other sensitive data so malware and attackers can’t access or tamper with your data.

It’s a good thing you can simply check to see whether your existing fleet of PCs can run Windows 11 with the PC Health Check app, right?

Wrong. Microsoft confesses that while “the PC Health Check app was intended to help people check if their current Windows 10 PC could upgrade to Windows 11…, it was not fully prepared to share the level of detail or accuracy you expected from us on why a Windows 10 PC doesn’t meet upgrade requirements. [So] we are temporarily removing the app so that our teams can address the feedback. We will get it back online in preparation for general availability this fall.”

Come on, now. Clearly there was no beta-testing of Windows 11 worth the name inside Microsoft. Windows 11 is being pushed out the door as fast as possible, with Microsoft broadly hinting Windows 11 will be released on Oct. 20 and you can expect to see new Windows 11 PCs in 2021’s fourth quarter.

Right. What fortuitous timing.

Yes, Windows and your business both need better security. But the more I look at this, the more I see an operating system being rushed out the door that’s very likely to foul up frequently and will require you to buy expensive new equipment.

Let’s get real. Windows 11 will not be ready for ordinary businesses or people to run this winter. I’ll be running it — on a brand-new PC with the latest hardware — because that’s what I do. But you and yourbusiness? Stick with Windows 10 for now. Frankly, get ready to stick with Windows 10 until 2023. By January 2023, Windows 11 may be ready for business. Late 2021? Late 2022? I don’t see it.

Next read this: