Why you can trust ZDNET
:ZDNET independently tests and researches products to bring you our best recommendations and advice. When you buy through our links, we may earn a commission.Our process
'ZDNET Recommends': What exactly does it mean?
ZDNET's recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.
When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNET nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.
ZDNET's editorial team writes on behalf of you, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form.
This has been a rather, shall we say, exciting week. First, Microsoft rolled out Windows 11 to great fanfare, emphasizing the new, flashy user interface. There was just one problem: If you didn't have a system with the latest Intel Generation 8 or above processors, you couldn't have it -- you'd be stuck on Windows 10.
That we did not have a definitive answer from Microsoft from the get-go has added a great deal of frustration from Microsoft's traditional loyalists. I have also not been pleased with this, having discovered that my own PC systems, which I purchased in 2016, will not make the cut.
Virtualization? But wait, isn't that something we are only really concerned with regarding servers that live in datacenters? Traditionally, yes. But there are other uses for virtualization besides increasing workload density.
Now, with this required hardware-enforced containerization and virtualization tech, Windows 11 will isolate applications and processes much more easily. It will be much more difficult for malware in an errantly running application to access resources it isn't supposed to. It will only access the resources in that specific application task that it infects, such as a particular browser tab.
It won't have a free run of the OS, and if the infected task is detected based on its known malware signature, it's nuked in orbit.
From a security perspective for both end-users and enterprises, that is huge. And it is something you absolutely want to upgrade to in an age where malware threats are constant, and the need to be vigilant against these threats is never-ending.
So yes, this is a significant upgrade. It's valuable, and if you're a Windows user -- consumer or enterprise -- you want this. If you don't have hardware that supports it, it's worth getting a new system.
The problem is that Microsoft buried the lead and employed bait-and-switch tactics to induce us to upgrade, rather than simply being straight with us from the beginning. What Microsoft should have said is: "Look, we can't implement these important architectural changes in the OS to protect you from the bad guys unless your hardware supports this."
Instead, we got: "Open your mouth, the airplane is landing! Microsoft wants you to eat the improved hardware-enforced security feature because it's good for you! Woooo! Flashy Windows 11 user interface!"
It should be noted that Intel Gen6 systems, which did not make the official cut for Windows 11 support, can not only install the Windows 11 prerelease from the Windows Insider developer channel now, but they can also run MDAG, as shown in the screenshots above.
However, they do not have sufficient hardware virtualization technology to run what is referred to as the "Standard Hardware Security" that certified Windows 11 PCs require to make the cut. Gen7 systems do (Which Microsoft is now exploring the possibility of supporting and some older generation AMD systems), but Gen8 does it better. This includes the Core Isolation, Security Processor, and Secure Boot features within the Device Security menu.
Core Isolation requires a hypervisor, whereas MDAG appears to use host-based virtualization (which has less stringent hardware requirements), which could be the difference.
So it's unknown at this point if Gen6 systems like my 2016-era Dell XPS 8900 (Intel Skylake) running on the prerelease today will still be working on the gold release of Windows 11 in October. It would be nice if they did. I'm not counting on it.
It's ironic that the hardware-based virtualization technology I have been pleading with Microsoft to implement for years is the very thing that is likely to leave my PC systems behind with this upgrade.
Am I annoyed by this? Yes. Can I accept this now? Also, yes. But the best approach would have been coming clean with its userbase from the very beginning, making security a primary emphasis of the product launch, and not baiting and switching with a pretty user interface.