Windows 11 was released on October 5, 2021. It has several new installation requirements including, most notably, Secure Boot and a Trusted Platform Module. These features can provide a more secure computing environment, but if you need to virtualize a Windows 11 environment, you will need virtualization software that supports this.

Although I would normally install a new Windows OS in ESX, I installed Windows 11 using VMware Workstation which has support for Secure Boot and a TPM. Windows 11 installed without an issue, and after booting, the most notable change was the GUI which is not terrible. However, it was the items that did not change that caught my eye. These items have been known to change with newer versions of Windows. VERT uses some of these indicators to accurately detect the versions of Windows. With these indicators not being updated, VERT will need to find additional methods to accurately detect the operating system.

Registry Keys

There was only one registry in HKLM that contained the string “Windows 11.” Microsoft usually updates the registry key HKLMSoftwareMicrosoftWindows NTCurrentVersion with the version of Windows. However, with Windows 11, you can see that the following keys have been updated: CurrentBuild, CurrentBuildNumber, and UBR. The CurrentBuild (22000) and UBR (194) form the build version for Windows 11 (https://docs.microsoft.com/en-us/windows/release-health/windows11-release-information). However, the ProductName value still calls this operating system “Windows 10.”

Windows 11
Windows 10

The SMB Protocol

The SMB protocol on Windows 11 advertises that the environment is running Windows 10. This could fool people into believing that this operating system is Windows 10 with the build version of 22000. However, Windows 10 does not currently have a build with a version of 22000 (https://docs.microsoft.com/en-us/windows/release-health/release-information, https://docs.microsoft.com/en-us/windows-server/get-started/windows-server-release-info).

Windows 11 – Direct (Read more...)