JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser .
Microsoft's latest Windows hardening guidance and key dates
Microsoft Support:
Change log
Change date Change description March 10, 2024 Revised the Monthly timeline adding more hardening related content and removed the February 2024 entry from the timeline as it is not hardening related.
Introduction Hardening is a key element of our ongoing security strategy to help keep your estate protected while you focus on your job. Increasingly creative cyberthreats target weaknesses anywhere possible, from the chip to the cloud. Have you seen our publications on hardening on the
Windows message center ? Some of those recently enforced include DCOM authentication hardening and Netjoin: domain join hardening. Let's review vulnerable areas that are undergoing hardening in the upcoming months.
Note: This article will be updated over time to provide the latest information about hardening changes and timelines. Last updated: March 10, 2024.
Hardening changes at a glance Review the visual timeline to focus on the specific changes that are of interest to you. Find the details for each phase below.
Figure 1: A visual timeline of the hardening changes taking place in 2023.
Figure 2: A visual timeline of the hardening changes taking place in 2024.
Hardening changes by month Consult the details for all upcoming hardening changes by month to help you plan for each phase and final enforcement.
April 2024
Secure Boot bypass protections KB5025885 | Phase 3 October 2024 or later
Secure Boot bypass protections KB5025885 | Phase 3 February 2025 or later
Certificate-based authentication KB5014754 | Phase 3
Source:
support.microsoft.com
Staff member MVP
Posts
32,088
Reaction score
27,650
Points
405
Well-known member
Guru
VIP
From the top of the "source" link...
Point of no return dates...
Last edited: Mar 11, 2024
OS
Win 11 Home ♦♦♦26200.8457 ♦♦♦♦♦♦♦25H2
Computer type
PC/Desktop
Manufacturer/Model
Built by Ghot® [May 2020]
CPU
AMD Ryzen 7 3700X
Motherboard
Asus Pro WS X570-ACE (BIOS 5302)
Memory
G.Skill (F4-3200C14D-16GTZKW)
Graphics Card(s)
EVGA RTX 2070 (08G-P4-2171-KR)
Sound Card
Realtek ALC1220P / ALC S1220A
Monitor(s) Displays
Dell U3011 30"
Screen Resolution
2560 x 1600
Hard Drives
2x Samsung 860 EVO 500GB,
PSU
PC Power & Cooling 750W Quad EPS12V
Case
Cooler Master ATCS 840 Tower
Cooling
CM Hyper 212 EVO (push/pull)
Keyboard
Ducky DK9008 Shine II Blue LED
Mouse
Logitech Optical M-100
Internet Speed
300/300
Browser
Firefox (latest)
Antivirus
Bitdefender Total Security
Other Info
Speakers: Klipsch Pro Media 2.1
Operating System
Windows XP Pro 32bit w/SP3
Computer type
PC/Desktop
Manufacturer/Model
Built by Ghot® (not in use)
CPU
AMD Athlon 64 X2 5000+ (OC'd @ 3.2Ghz)
Motherboard
ASUS M2N32-SLI Deluxe Wireless Edition
Memory
TWIN2X2048-6400C4DHX (2 x 1GB, DDR2 800)
Graphics card(s)
EVGA 256-P2-N758-TR GeForce 8600GT SSC
Sound Card
Onboard
Monitor(s) Displays
ViewSonic G90FB Black 19" Professional (CRT)
Screen Resolution
up to 2048 x 1536
Hard Drives
WD 36GB 10,000rpm Raptor SATA
PSU
PC Power & Cooling Silencer 750 Quad EPS12V
Case
Generic Beige case, 80mm fans
Cooling
ZALMAN 9500A 92mm CPU Cooler
Keyboard
Logitech Classic Keybooard 200
Mouse
Logitech Optical M-BT96a
Internet Speed
300/300
Browser
Firefox 3.x ??
Antivirus
Symantec (Norton)
Other Info
Still assembled, still runs. Haven't turned it on for 15 years?
Endeavor to Persevere
Guru
VIP
I meet all of their requirements , it seems that Microsoft does not want their users to dual boot with anything but a MS Product.
OS
Windows11 Pro 26200.8524
Computer type
PC/Desktop
Manufacturer/Model
Dell Alienware Aurora R16
CPU
Intel Core i9 14900F (24 -Core, 68 MB Total Cache)
Motherboard
Dell Alienware
Memory
32GB DDR5
Graphics Card(s)
RTX 4080 Super w/581.95
Sound Card
Realtec
Monitor(s) Displays
Corsair XENEON 32QHD165
Screen Resolution
2560 X 1440
Hard Drives
1-2TB Samsung 990 Pro PCIe NVMe M2 SSD
PSU
1000 Watt Platinum Dell
Case
Alienware
Cooling
Liquid Closed Loop
Keyboard
Logitech MK270 Wireless Keyboard
Mouse
Logitech MK270 Wireless
Internet Speed
100Gb's Down-20 Up
Browser
Firefox 151.0.2
Antivirus
Defender
Other Info
Very Quiet And Fast
Operating System
PClinuxOS Mate (2025.7)
Computer type
PC/Desktop
Manufacturer/Model
Intel
CPU
13th Gen Inter(R) Core(TM) i3-1315U
Motherboard
Intel
Memory
64 GB DDR4 @3200 MHz.
Graphics card(s)
Internal
Sound Card
None
Monitor(s) Displays
Dell 2419HGCF
Screen Resolution
1920 X 1080
Hard Drives
SAMSUNG 980 PRO SSD 2TB, PCIe 4.0 M.2 2280
PSU
Chicony 30 Watt
Case
Small
Keyboard
Dell
Mouse
Razor
Internet Speed
1GB
Browser
Slimjet
Well-known member
Pro User
VIP
I meet all of their requirements , it seems that Microsoft does not want their users to dual boot with anything but a MS Product.
If you're referring to Secure Boot and Linux...Linux supports this already and if your distro does not, then switch to something else
OS
Win 11 Pro 25H2 26200.8457 / Linux Mint 22.3
Computer type
Laptop
Manufacturer/Model
Lenovo A485
CPU
Ryzen 7 2700U Pro
Motherboard
Lenovo (WiFi/BT module upgraded to Intel Wireless-AC-9260)
Memory
32GB
Graphics Card(s)
iGPU Vega 10
Sound Card
Realtek
Monitor(s) Displays
14" FHD (built-in) + 14" Lenovo Thinkvision M14t (touch+pen) + 32" Asus PB328
Screen Resolution
FHD + FHD + 1440p
Hard Drives
Intel 660p m.2 nVME PCIe3.0 x2 512GB
PSU
125W(Dock)/65W(Travel Adapter)
Keyboard
Thinkpad / Logitech MX Keys
Mouse
Logitech MX Master 2S
Internet Speed
1/1Gbit
Browser
Firefox
Antivirus
Windows Defender
Other Info
SecureBoot: Enabled
Operating System
Win 11 Pro 25H2 26200.8521(RP)
Computer type
PC/Desktop
Manufacturer/Model
Custom
CPU
i7-7700k @4.8GHz
Motherboard
Asus PRIME Z270-A
Memory
32GB 2x16GB 2133MHz CL15
Graphics card(s)
EVGA GTX1080Ti FTW 11GB
Sound Card
Integrated
Monitor(s) Displays
32" 10-bit Asus PB328Q
Screen Resolution
WQHD 2560x1440
Hard Drives
512GB ADATA SX8000NP NVMe PCIe Gen 3 x4
PSU
850W
Case
Fractal Design Define 7
Cooling
Noctua NH-D15 chromax.black
Keyboard
Logitech MX Keys
Mouse
Logitech MX Master 2S
Internet Speed
1/1Gbit
Browser
Firefox
Antivirus
Windows Defender
Other Info
AC WiFi Card
Well-known member
Pro User
VIP
I meet all of their requirements , it seems that Microsoft does not want their users to dual boot with anything but a MS Product.
If you're referring to Secure Boot and Linux...Linux supports this already and if your distro does not, then switch to something else
I don't know why you would bother dual booting anything anymore when Virtual Machines are so powerful and work quite well.
OS
Windows 11 Pro
Computer type
PC/Desktop
Manufacturer/Model
Custom Built
CPU
Ryzen 7 5700 X3D
Motherboard
MSI MPG B550 GAMING PLUS
Memory
64 GB DDR4 3600mhz Gskill Ripjaws V
Graphics Card(s)
RTX 4070 Super , 12GB VRAM Asus EVO Overclock
Monitor(s) Displays
Gigabyte M27Q (rev. 2.0) 2560 x 1440 @ 170hz HDR
Hard Drives
2TB Samsung nvme ssd
PSU
CORSAIR RMx SHIFT Series™ RM750x 80 PLUS Gold Fully Modular ATX Power Supply
Case
CORSAIR 3500X ARGB Mid-Tower ATX PC Case – Black
Cooling
ID-COOLING FROSTFLOW X 240 CPU Water Cooler
Keyboard
Logitech G213
Mouse
Logitech G203
Internet Speed
1.2gbps Fiber
Operating System
Chrome OS
Computer type
Laptop
Manufacturer/Model
HP Chromebook
CPU
Intel Pentium Quad Core
Memory
4GB LPDDR4
Monitor(s) Displays
14 Inch HD SVA anti glare micro edge display
Hard Drives
64 GB emmc
Well-known member
Pro User
VIP
I've never used Secure Boot and hopefully still won't have too....
OS
Windows 11 Pro 25H2 (RP channel)
Computer type
PC/Desktop
Manufacturer/Model
MSI
CPU
AMD Ryzen 7 9800X3D 8-core
Motherboard
MEG X870E Godlike
Memory
64GB Corsair Titanium 6000/CL30
Graphics Card(s)
MSI Suprim 5080 SOC
Sound Card
Soundblaster AE-9
Monitor(s) Displays
ASUS TUF Gaming VG289Q
Screen Resolution
3840x2160
Hard Drives
Samsung 9100 Pro 4TB (gen 5 x4, system drive/games)
PSU
Seasonic PX-2200
Case
Bequiet! Dark Base Pro 901
Cooling
Noctua NH-D15S Chromax black
Keyboard
Logitech G915 X (wired)
Mouse
Logitech G903 with PowerPlay charger
Internet Speed
900Mb/sec
Browser
Microsoft Edge
Antivirus
Windows Defender
Well-known member
Pro User
VIP
I don't know why you would bother dual booting anything anymore when Virtual Machines are so powerful and work quite well.
For hardware acceleration. In Hyper-V it is nearly impossible to get HW acceleration. And in many other VMs you need a dedicated GPU for passthrough or a translation layer which makes it quite a bit slower. Nothing beats native experience not even the best virtual machines.
OS
Win 11 Pro 25H2 26200.8457 / Linux Mint 22.3
Computer type
Laptop
Manufacturer/Model
Lenovo A485
CPU
Ryzen 7 2700U Pro
Motherboard
Lenovo (WiFi/BT module upgraded to Intel Wireless-AC-9260)
Memory
32GB
Graphics Card(s)
iGPU Vega 10
Sound Card
Realtek
Monitor(s) Displays
14" FHD (built-in) + 14" Lenovo Thinkvision M14t (touch+pen) + 32" Asus PB328
Screen Resolution
FHD + FHD + 1440p
Hard Drives
Intel 660p m.2 nVME PCIe3.0 x2 512GB
PSU
125W(Dock)/65W(Travel Adapter)
Keyboard
Thinkpad / Logitech MX Keys
Mouse
Logitech MX Master 2S
Internet Speed
1/1Gbit
Browser
Firefox
Antivirus
Windows Defender
Other Info
SecureBoot: Enabled
Operating System
Win 11 Pro 25H2 26200.8521(RP)
Computer type
PC/Desktop
Manufacturer/Model
Custom
CPU
i7-7700k @4.8GHz
Motherboard
Asus PRIME Z270-A
Memory
32GB 2x16GB 2133MHz CL15
Graphics card(s)
EVGA GTX1080Ti FTW 11GB
Sound Card
Integrated
Monitor(s) Displays
32" 10-bit Asus PB328Q
Screen Resolution
WQHD 2560x1440
Hard Drives
512GB ADATA SX8000NP NVMe PCIe Gen 3 x4
PSU
850W
Case
Fractal Design Define 7
Cooling
Noctua NH-D15 chromax.black
Keyboard
Logitech MX Keys
Mouse
Logitech MX Master 2S
Internet Speed
1/1Gbit
Browser
Firefox
Antivirus
Windows Defender
Other Info
AC WiFi Card
Well-known member
Pro User
VIP
For hardware acceleration. In Hyper-V it is nearly impossible to get HW acceleration. And in many other VMs you need a dedicated GPU for passthrough or a translation layer which makes it quite a bit slower. Nothing beats native experience not even the best virtual machines.
For sure nothing beats native, but I doubt most people are doing something in another dual boot os that needs to be super intensive or something. I use vmware player and it is pretty fast in everything I do.
OS
Windows 11 Pro
Computer type
PC/Desktop
Manufacturer/Model
Custom Built
CPU
Ryzen 7 5700 X3D
Motherboard
MSI MPG B550 GAMING PLUS
Memory
64 GB DDR4 3600mhz Gskill Ripjaws V
Graphics Card(s)
RTX 4070 Super , 12GB VRAM Asus EVO Overclock
Monitor(s) Displays
Gigabyte M27Q (rev. 2.0) 2560 x 1440 @ 170hz HDR
Hard Drives
2TB Samsung nvme ssd
PSU
CORSAIR RMx SHIFT Series™ RM750x 80 PLUS Gold Fully Modular ATX Power Supply
Case
CORSAIR 3500X ARGB Mid-Tower ATX PC Case – Black
Cooling
ID-COOLING FROSTFLOW X 240 CPU Water Cooler
Keyboard
Logitech G213
Mouse
Logitech G203
Internet Speed
1.2gbps Fiber
Operating System
Chrome OS
Computer type
Laptop
Manufacturer/Model
HP Chromebook
CPU
Intel Pentium Quad Core
Memory
4GB LPDDR4
Monitor(s) Displays
14 Inch HD SVA anti glare micro edge display
Hard Drives
64 GB emmc
Well-known member
Guru
VIP
Hardening is achieved by the Virtual Interface Application Generating Robust Access.
OS
Windows 11 Pro + Win11 Canary VM.
Computer type
Laptop
Manufacturer/Model
ASUS Zenbook 14
CPU
I9 13th gen i9-13900H 2.60 GHZ
Motherboard
Yep, Laptop has one.
Memory
16 GB soldered
Graphics Card(s)
Integrated Intel Iris XE
Sound Card
Realtek built in
Monitor(s) Displays
laptop OLED screen
Screen Resolution
2880x1800 touchscreen
Hard Drives
1 TB NVME SSD (only weakness is only one slot)
PSU
Internal + 65W thunderbolt USB4 charger
Case
Yep, got one
Cooling
Stella Artois (UK pint cans - 568 ml) - extra cost.
Keyboard
Built in UK keybd
Mouse
Bluetooth , wireless dongled, wired
Internet Speed
900 mbs (ethernet), wifi 6 typical 350-450 mb/s both up and down
Browser
Edge
Antivirus
Defender
Other Info
TPM 2.0, 2xUSB4 thunderbolt, 1xUsb3 (usb a), 1xUsb-c, hdmi out, 3.5 mm audio out/in combo, ASUS backlit trackpad (inc. switchable number pad)
Well-known member
Pro User
VIP
Hardening is achieved by the Virtual Interface Application Generating Robust Access.
OMG that is beautiful
OS
Win 11 Pro 25H2 26200.8457 / Linux Mint 22.3
Computer type
Laptop
Manufacturer/Model
Lenovo A485
CPU
Ryzen 7 2700U Pro
Motherboard
Lenovo (WiFi/BT module upgraded to Intel Wireless-AC-9260)
Memory
32GB
Graphics Card(s)
iGPU Vega 10
Sound Card
Realtek
Monitor(s) Displays
14" FHD (built-in) + 14" Lenovo Thinkvision M14t (touch+pen) + 32" Asus PB328
Screen Resolution
FHD + FHD + 1440p
Hard Drives
Intel 660p m.2 nVME PCIe3.0 x2 512GB
PSU
125W(Dock)/65W(Travel Adapter)
Keyboard
Thinkpad / Logitech MX Keys
Mouse
Logitech MX Master 2S
Internet Speed
1/1Gbit
Browser
Firefox
Antivirus
Windows Defender
Other Info
SecureBoot: Enabled
Operating System
Win 11 Pro 25H2 26200.8521(RP)
Computer type
PC/Desktop
Manufacturer/Model
Custom
CPU
i7-7700k @4.8GHz
Motherboard
Asus PRIME Z270-A
Memory
32GB 2x16GB 2133MHz CL15
Graphics card(s)
EVGA GTX1080Ti FTW 11GB
Sound Card
Integrated
Monitor(s) Displays
32" 10-bit Asus PB328Q
Screen Resolution
WQHD 2560x1440
Hard Drives
512GB ADATA SX8000NP NVMe PCIe Gen 3 x4
PSU
850W
Case
Fractal Design Define 7
Cooling
Noctua NH-D15 chromax.black
Keyboard
Logitech MX Keys
Mouse
Logitech MX Master 2S
Internet Speed
1/1Gbit
Browser
Firefox
Antivirus
Windows Defender
Other Info
AC WiFi Card
Well-known member
Power User
VIP
Hardening is achieved by the Virtual Interface Application Generating Robust Access.
I see what you did there....
OS
Win 11 Pro (25H2 RP)
Computer type
Laptop
Manufacturer/Model
Acer AN515-54
CPU
Intel(R) Core(TM) i5-9300H CPU @ 2.40GHz 2.40 GHz
Memory
32GB
Graphics Card(s)
Nvidia GeForce GTX 1650, Intel UHD 630
Monitor(s) Displays
Acer CB272D
Screen Resolution
1920x1080
Hard Drives
256GB and 1T SSD
Internet Speed
500MB
Browser
Edge (Stable)
Antivirus
Microsoft Defender
Operating System
Win 11 Pro (RP)
Computer type
Laptop
Manufacturer/Model
Lenovo Legion 5 16IAX10 - Type 83NX
CPU
Intel(R) Core(TM) Ultra 9 275HX (2.70 GHz)
Memory
32GB DDR5-5600
Graphics card(s)
NVIDIA® GeForce RTX™ 5060 8GB
Monitor(s) Displays
Acer CB272D
Screen Resolution
1920x1080 75Hz
Hard Drives
WD Green SN3000 (2TB)
Keyboard
Logi MX Keys
Mouse
Logi MX Anywhere 3
Internet Speed
500MB
Browser
Edge
Antivirus
MS Defender
support.microsoft.com
