Microsoft is testing the 24H2 version service pipeline in the Windows 11 Dev channel. After turning on VBS, you will receive the 26080.1400 update

Microsoft pushed two service updates on the Dev Channel today to test the service pipeline of the Win11 24H2 version. These updates do not contain any new content and are provided solely to evaluate system functionality and stability.

According to official instructions, most users in the Dev channel will receive the 26080.1300 cumulative update (KB5037139), but if the virtualization-based security (VBS) function is enabled, they will receive Build 26080.1400 (KB5037140). Microsoft emphasizes that Arm64 devices will only receive the KB5037139 update, even if they have VBS enabled.

IT Home Note: Virtualization-based security (VBS) uses hardware virtualization and the Windows hypervisor to create an independent virtual environment that becomes the root of trust for an OS that assumes the kernel has been compromised. Windows uses this isolated environment to host many security solutions, providing them with significantly enhanced protection against vulnerabilities in the operating system and against malicious attacks seeking to subvert protection. VBS enforces restrictions to protect critical system and operating system resources, or to protect security assets such as authenticated user credentials.

One of the security solutions is Memory Integrity, which protects and hardens Windows by running kernel-mode code integrity in an isolated virtual environment in VBS. Kernel-mode code integrity refers to a Windows process that checks all kernel-mode drivers and binaries before they are launched and prevents unsigned or untrusted drivers or system files from being loaded into system memory. Memory integrity also limits the kernel memory allocations that can be used to compromise the system, ensuring that kernel memory pages become executable only after passing code integrity checks in the secure runtime environment, and that the executable pages themselves are never writable. This way, even if there is a vulnerability such as a buffer overflow that allows malware to attempt to modify memory, the executable code page cannot be modified, and the modified memory cannot be executed.

The above is the detailed content of Microsoft is testing the 24H2 version service pipeline in the Windows 11 Dev channel. After turning on VBS, you will receive the 26080.1400 update. For more information, please follow other related articles on the PHP Chinese website!