JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser .
Microsoft's latest Windows hardening guidance and key dates
Microsoft Support:
Change log
Change date Change description March 10, 2024 Revised the Monthly timeline adding more hardening related content and removed the February 2024 entry from the timeline as it is not hardening related.
Introduction Hardening is a key element of our ongoing security strategy to help keep your estate protected while you focus on your job. Increasingly creative cyberthreats target weaknesses anywhere possible, from the chip to the cloud. Have you seen our publications on hardening on the
Windows message center ? Some of those recently enforced include DCOM authentication hardening and Netjoin: domain join hardening. Let's review vulnerable areas that are undergoing hardening in the upcoming months.
Note: This article will be updated over time to provide the latest information about hardening changes and timelines. Last updated: March 10, 2024.
Hardening changes at a glance Review the visual timeline to focus on the specific changes that are of interest to you. Find the details for each phase below.
Figure 1: A visual timeline of the hardening changes taking place in 2023.
Figure 2: A visual timeline of the hardening changes taking place in 2024.
Hardening changes by month Consult the details for all upcoming hardening changes by month to help you plan for each phase and final enforcement.
April 2024
Secure Boot bypass protections KB5025885 | Phase 3 October 2024 or later
Secure Boot bypass protections KB5025885 | Phase 3 February 2025 or later
Certificate-based authentication KB5014754 | Phase 3
Source:
support.microsoft.com
Staff member MVP
Posts
25,658
Reaction score
21,528
Points
395
Well-known member
Guru
VIP
From the top of the "source" link...
Point of no return dates...
Last edited: Mar 11, 2024
OS
Win 11 Home ♦♦♦26100.4652 ♦♦♦♦♦♦♦24H2
Computer type
PC/Desktop
Manufacturer/Model
Built by Ghot® [May 2020]
CPU
AMD Ryzen 7 3700X
Motherboard
Asus Pro WS X570-ACE (BIOS 5002)
Memory
G.Skill (F4-3200C14D-16GTZKW)
Graphics Card(s)
EVGA RTX 2070 (08G-P4-2171-KR)
Sound Card
Realtek ALC1220P / ALC S1220A
Monitor(s) Displays
Dell U3011 30"
Screen Resolution
2560 x 1600
Hard Drives
2x Samsung 860 EVO 500GB,
PSU
PC Power & Cooling 750W Quad EPS12V
Case
Cooler Master ATCS 840 Tower
Cooling
CM Hyper 212 EVO (push/pull)
Keyboard
Ducky DK9008 Shine II Blue LED
Mouse
Logitech Optical M-100
Internet Speed
300/300
Browser
Firefox (latest)
Antivirus
Bitdefender Internet Security
Other Info
Speakers: Klipsch Pro Media 2.1
Operating System
Windows XP Pro 32bit w/SP3
Computer type
PC/Desktop
Manufacturer/Model
Built by Ghot® (not in use)
CPU
AMD Athlon 64 X2 5000+ (OC'd @ 3.2Ghz)
Motherboard
ASUS M2N32-SLI Deluxe Wireless Edition
Memory
TWIN2X2048-6400C4DHX (2 x 1GB, DDR2 800)
Graphics card(s)
EVGA 256-P2-N758-TR GeForce 8600GT SSC
Sound Card
Onboard
Monitor(s) Displays
ViewSonic G90FB Black 19" Professional (CRT)
Screen Resolution
up to 2048 x 1536
Hard Drives
WD 36GB 10,000rpm Raptor SATA
PSU
PC Power & Cooling Silencer 750 Quad EPS12V
Case
Generic Beige case, 80mm fans
Cooling
ZALMAN 9500A 92mm CPU Cooler
Keyboard
Logitech Classic Keybooard 200
Mouse
Logitech Optical M-BT96a
Internet Speed
300/300
Browser
Firefox 3.x ??
Antivirus
Symantec (Norton)
Other Info
Still assembled, still runs. Haven't turned it on for 15 years?
Endeavor to Persevere
Pro User
VIP
I meet all of their requirements , it seems that Microsoft does not want their users to dual boot with anything but a MS Product.
OS
11 Pro 26100.4767
Computer type
PC/Desktop
Manufacturer/Model
Dell Alienware Aurora R16
CPU
Intel Core i9 14900F (24 -Core, 68 MB Total Cache)
Motherboard
Dell Alienware
Memory
32GB DDR5
Graphics Card(s)
RTX 4080 Super w/566.36
Sound Card
Realtec
Monitor(s) Displays
Corsair XENEON 32QHD165
Screen Resolution
2560 X 1440
Hard Drives
1-2TB Samsung 990 Pro PCIe NVMe M2 SSD
PSU
1000 Watt Platinum Dell
Case
Alienware
Cooling
Liquid Closed Loop
Keyboard
Corsair Strafe RGB MK.2
Mouse
Corsair M65 Pro
Internet Speed
1000Gb's Down-20 Up
Browser
Firefox 140.0.4
Antivirus
Defender
Other Info
Very Quiet And Fast
Operating System
MX-Linux 23.6 AHS
Computer type
PC/Desktop
Manufacturer/Model
IBuypower
CPU
Intel Core i5 1315u
Motherboard
ASRock
Memory
32GB DDR5
Graphics card(s)
PNY RTX 4017
Sound Card
onboard
Monitor(s) Displays
Dell 2419HGCF
Screen Resolution
1920 X 1080
Hard Drives
SAMSUNG 980 PRO SSD 2TB, PCIe 4.0 M.2 2280
PSU
850Watt
Case
Small
Cooling
Closed loop Liquid
Keyboard
IBP
Mouse
IBP
Internet Speed
1GB
Browser
Firefox 140.0.2
Antivirus
Windows Defender
Other Info
Noisy but fast
Well-known member
Pro User
VIP
I meet all of their requirements , it seems that Microsoft does not want their users to dual boot with anything but a MS Product.
If you're referring to Secure Boot and Linux...Linux supports this already and if your distro does not, then switch to something else
OS
Win 11 Pro 24H2 26100.4484 (RP) / Linux Mint 22
Computer type
Laptop
Manufacturer/Model
Lenovo A485
CPU
Ryzen 7 2700U Pro
Motherboard
Lenovo (WiFi/BT module upgraded to Intel Wireless-AC-9260)
Memory
32GB
Graphics Card(s)
iGPU Vega 10
Sound Card
Realtek
Monitor(s) Displays
14" FHD (built-in) + 14" Lenovo Thinkvision M14t (touch+pen) + 32" Asus PB328
Screen Resolution
FHD + FHD + 1440p
Hard Drives
Intel 660p m.2 nVME PCIe3.0 x2 512GB
PSU
65W
Keyboard
Thinkpad / Logitech MX Keys
Mouse
Logitech MX Master 2S
Internet Speed
600/300Mbit
Browser
Edge (Chromium)
Antivirus
Windows Defender
Other Info
SecureBoot: Enabled
Operating System
Win 11 Pro 23H2 22631.5189 (RP)
Computer type
PC/Desktop
Manufacturer/Model
Custom
CPU
i7-7700k @4.8GHz
Motherboard
Asus PRIME Z270-A
Memory
32GB 2x16GB 2133MHz CL15
Graphics card(s)
EVGA GTX1080Ti FTW 11GB
Sound Card
Integrated
Monitor(s) Displays
32" 10-bit Asus PB328Q
Screen Resolution
WQHD 2560x1440
Hard Drives
512GB ADATA SX8000NP NVMe PCIe Gen 3 x4
PSU
850W
Case
Fractal Design Define 7
Cooling
Noctua NH-D15 chromax.black
Keyboard
Logitech MX Keys
Mouse
Logitech MX Master 2S
Internet Speed
600/300Mbit
Browser
Edge (Cromium)
Antivirus
Windows Defender
Other Info
AC WiFi Card
Well-known member
Pro User
VIP
I meet all of their requirements , it seems that Microsoft does not want their users to dual boot with anything but a MS Product.
If you're referring to Secure Boot and Linux...Linux supports this already and if your distro does not, then switch to something else
I don't know why you would bother dual booting anything anymore when Virtual Machines are so powerful and work quite well.
OS
Windows 11 Pro
Computer type
PC/Desktop
Manufacturer/Model
Custom Built
CPU
Ryzen 7 5700 X3D
Motherboard
MSI MPG B550 GAMING PLUS
Memory
64 GB DDR4 3600mhz Gskill Ripjaws V
Graphics Card(s)
RTX 4070 Super , 12GB VRAM Asus EVO Overclock
Monitor(s) Displays
Gigabyte M27Q (rev. 2.0) 2560 x 1440 @ 170hz HDR
Hard Drives
2TB Samsung nvme ssd
PSU
CORSAIR RMx SHIFT Series™ RM750x 80 PLUS Gold Fully Modular ATX Power Supply
Case
CORSAIR 3500X ARGB Mid-Tower ATX PC Case – Black
Cooling
ID-COOLING FROSTFLOW X 240 CPU Water Cooler
Internet Speed
900mbps DOWN, 100mbps UP
Operating System
Chrome OS
Computer type
Laptop
Manufacturer/Model
HP Chromebook
CPU
Intel Pentium Quad Core
Memory
4GB LPDDR4
Monitor(s) Displays
14 Inch HD SVA anti glare micro edge display
Hard Drives
64 GB emmc
Well-known member
Power User
VIP
I've never used Secure Boot and hopefully still won't have too....
OS
Windows 11 Pro 24H2 (RP channel)
Computer type
PC/Desktop
Manufacturer/Model
MSI
CPU
AMD Ryzen 7 9800X3D 8-core
Motherboard
MEG X870E Godlike
Memory
64GB Corsair Titanium 6000/CL30
Graphics Card(s)
MSI Suprim X 3080 Ti
Sound Card
Soundblaster AE-5 Plus
Monitor(s) Displays
ASUS TUF Gaming VG289Q
Screen Resolution
3840x2160
Hard Drives
Samsung 9100 Pro 4TB (gen 5 x4, system drive/games)
PSU
Seasonic PX-2200
Case
Bequiet! Dark Base Pro 901
Cooling
Noctua NH-D15S Chromax black
Keyboard
Logitech G915 X (wired)
Mouse
Logitech G903 with PowerPlay charger
Internet Speed
900Mb/sec
Browser
Microsoft Edge
Antivirus
Windows Defender
Well-known member
Pro User
VIP
I don't know why you would bother dual booting anything anymore when Virtual Machines are so powerful and work quite well.
For hardware acceleration. In Hyper-V it is nearly impossible to get HW acceleration. And in many other VMs you need a dedicated GPU for passthrough or a translation layer which makes it quite a bit slower. Nothing beats native experience not even the best virtual machines.
OS
Win 11 Pro 24H2 26100.4484 (RP) / Linux Mint 22
Computer type
Laptop
Manufacturer/Model
Lenovo A485
CPU
Ryzen 7 2700U Pro
Motherboard
Lenovo (WiFi/BT module upgraded to Intel Wireless-AC-9260)
Memory
32GB
Graphics Card(s)
iGPU Vega 10
Sound Card
Realtek
Monitor(s) Displays
14" FHD (built-in) + 14" Lenovo Thinkvision M14t (touch+pen) + 32" Asus PB328
Screen Resolution
FHD + FHD + 1440p
Hard Drives
Intel 660p m.2 nVME PCIe3.0 x2 512GB
PSU
65W
Keyboard
Thinkpad / Logitech MX Keys
Mouse
Logitech MX Master 2S
Internet Speed
600/300Mbit
Browser
Edge (Chromium)
Antivirus
Windows Defender
Other Info
SecureBoot: Enabled
Operating System
Win 11 Pro 23H2 22631.5189 (RP)
Computer type
PC/Desktop
Manufacturer/Model
Custom
CPU
i7-7700k @4.8GHz
Motherboard
Asus PRIME Z270-A
Memory
32GB 2x16GB 2133MHz CL15
Graphics card(s)
EVGA GTX1080Ti FTW 11GB
Sound Card
Integrated
Monitor(s) Displays
32" 10-bit Asus PB328Q
Screen Resolution
WQHD 2560x1440
Hard Drives
512GB ADATA SX8000NP NVMe PCIe Gen 3 x4
PSU
850W
Case
Fractal Design Define 7
Cooling
Noctua NH-D15 chromax.black
Keyboard
Logitech MX Keys
Mouse
Logitech MX Master 2S
Internet Speed
600/300Mbit
Browser
Edge (Cromium)
Antivirus
Windows Defender
Other Info
AC WiFi Card
Well-known member
Pro User
VIP
For hardware acceleration. In Hyper-V it is nearly impossible to get HW acceleration. And in many other VMs you need a dedicated GPU for passthrough or a translation layer which makes it quite a bit slower. Nothing beats native experience not even the best virtual machines.
For sure nothing beats native, but I doubt most people are doing something in another dual boot os that needs to be super intensive or something. I use vmware player and it is pretty fast in everything I do.
OS
Windows 11 Pro
Computer type
PC/Desktop
Manufacturer/Model
Custom Built
CPU
Ryzen 7 5700 X3D
Motherboard
MSI MPG B550 GAMING PLUS
Memory
64 GB DDR4 3600mhz Gskill Ripjaws V
Graphics Card(s)
RTX 4070 Super , 12GB VRAM Asus EVO Overclock
Monitor(s) Displays
Gigabyte M27Q (rev. 2.0) 2560 x 1440 @ 170hz HDR
Hard Drives
2TB Samsung nvme ssd
PSU
CORSAIR RMx SHIFT Series™ RM750x 80 PLUS Gold Fully Modular ATX Power Supply
Case
CORSAIR 3500X ARGB Mid-Tower ATX PC Case – Black
Cooling
ID-COOLING FROSTFLOW X 240 CPU Water Cooler
Internet Speed
900mbps DOWN, 100mbps UP
Operating System
Chrome OS
Computer type
Laptop
Manufacturer/Model
HP Chromebook
CPU
Intel Pentium Quad Core
Memory
4GB LPDDR4
Monitor(s) Displays
14 Inch HD SVA anti glare micro edge display
Hard Drives
64 GB emmc
Well-known member
Guru
VIP
Hardening is achieved by the Virtual Interface Application Generating Robust Access.
OS
Windows 11 Pro + Win11 Canary VM.
Computer type
Laptop
Manufacturer/Model
ASUS Zenbook 14
CPU
I9 13th gen i9-13900H 2.60 GHZ
Motherboard
Yep, Laptop has one.
Memory
16 GB soldered
Graphics Card(s)
Integrated Intel Iris XE
Sound Card
Realtek built in
Monitor(s) Displays
laptop OLED screen
Screen Resolution
2880x1800 touchscreen
Hard Drives
1 TB NVME SSD (only weakness is only one slot)
PSU
Internal + 65W thunderbolt USB4 charger
Case
Yep, got one
Cooling
Stella Artois (UK pint cans - 568 ml) - extra cost.
Keyboard
Built in UK keybd
Mouse
Bluetooth , wireless dongled, wired
Internet Speed
900 mbs (ethernet), wifi 6 typical 350-450 mb/s both up and down
Browser
Edge
Antivirus
Defender
Other Info
TPM 2.0, 2xUSB4 thunderbolt, 1xUsb3 (usb a), 1xUsb-c, hdmi out, 3.5 mm audio out/in combo, ASUS backlit trackpad (inc. switchable number pad)
Well-known member
Pro User
VIP
Hardening is achieved by the Virtual Interface Application Generating Robust Access.
OMG that is beautiful
OS
Win 11 Pro 24H2 26100.4484 (RP) / Linux Mint 22
Computer type
Laptop
Manufacturer/Model
Lenovo A485
CPU
Ryzen 7 2700U Pro
Motherboard
Lenovo (WiFi/BT module upgraded to Intel Wireless-AC-9260)
Memory
32GB
Graphics Card(s)
iGPU Vega 10
Sound Card
Realtek
Monitor(s) Displays
14" FHD (built-in) + 14" Lenovo Thinkvision M14t (touch+pen) + 32" Asus PB328
Screen Resolution
FHD + FHD + 1440p
Hard Drives
Intel 660p m.2 nVME PCIe3.0 x2 512GB
PSU
65W
Keyboard
Thinkpad / Logitech MX Keys
Mouse
Logitech MX Master 2S
Internet Speed
600/300Mbit
Browser
Edge (Chromium)
Antivirus
Windows Defender
Other Info
SecureBoot: Enabled
Operating System
Win 11 Pro 23H2 22631.5189 (RP)
Computer type
PC/Desktop
Manufacturer/Model
Custom
CPU
i7-7700k @4.8GHz
Motherboard
Asus PRIME Z270-A
Memory
32GB 2x16GB 2133MHz CL15
Graphics card(s)
EVGA GTX1080Ti FTW 11GB
Sound Card
Integrated
Monitor(s) Displays
32" 10-bit Asus PB328Q
Screen Resolution
WQHD 2560x1440
Hard Drives
512GB ADATA SX8000NP NVMe PCIe Gen 3 x4
PSU
850W
Case
Fractal Design Define 7
Cooling
Noctua NH-D15 chromax.black
Keyboard
Logitech MX Keys
Mouse
Logitech MX Master 2S
Internet Speed
600/300Mbit
Browser
Edge (Cromium)
Antivirus
Windows Defender
Other Info
AC WiFi Card
Well-known member
Power User
VIP
Hardening is achieved by the Virtual Interface Application Generating Robust Access.
I see what you did there....
OS
Win 11 Pro (24H2 RP)
Computer type
Laptop
Manufacturer/Model
Acer AN515-54
CPU
Intel(R) Core(TM) i5-9300H CPU @ 2.40GHz 2.40 GHz
Memory
32GB
Graphics Card(s)
Nvidia GeForce GTX 1650, Intel UHD 630
Monitor(s) Displays
Acer CB272D
Screen Resolution
1920x1080
Hard Drives
256GB and 1T SSD
Keyboard
Logitech MX Keys
Mouse
Logitech MX Anywhere 3
Internet Speed
500MB
Browser
Edge (Stable)
Antivirus
Microsoft Defender
support.microsoft.com
