Enhanced Security Measures in Windows 11
With the launch of Windows 11, Microsoft placed a strong emphasis on enhancing security features within the operating system. Among the notable advancements are the mandatory requirements for Secure Boot and Trusted Platform Module (TPM) 2.0, or Platform Trust Technology (PTT) for Intel users. These measures are designed to bolster the security framework of the OS.
Memory Integrity and Its Impact
Another significant feature introduced is Memory Integrity, also known as hypervisor-protected code integrity (HVCI). This functionality enables Virtualization-based Security (VBS) on Windows, allowing for a more secure computing environment. Microsoft has previously elaborated on the importance of VBS and TPM 2.0, even providing demonstrations to showcase their effectiveness. Recently, the company released a guide detailing how to activate Enhanced Sign-in Security (ESS), which utilizes VBS and TPM for heightened protection.
However, this enhanced security comes at a cost—performance. Users have consistently reported that VBS can negatively impact CPU performance, particularly during gaming sessions. This performance dip is observed even on supported CPUs equipped with Intel’s Model-based Execution Control (MBEC) and AMD’s Guest Mode Execute Trap (GMET), both of which are designed to hardware-accelerate VBS.
Interestingly, Microsoft has suggested that disabling Memory Integrity may be beneficial for gamers seeking improved performance.
Performance Analysis
In a recent analysis conducted by German news outlet ComputerBase (CB), the performance of AMD’s Ryzen 5800X3D was evaluated in conjunction with the enhancements brought by Windows 11 24H2 for the Ryzen 5000 series (Zen 3). The findings indicate a noticeable performance boost in the latest Windows version compared to its predecessor. Nevertheless, VBS continues to pose a challenge, as it has since the introduction of Windows 11 21H2.
The data presented in the accompanying charts illustrates that performance metrics are significantly better when HVCI is disabled, showcasing superior average frames and percentile low figures. Overall, enabling VBS appears to incur an approximate 8% performance penalty.
AMD's Optimizations
For those who may not be aware, AMD has recently rolled out branch prediction-related optimizations, which are now accessible on Windows 11 24H2. These updates have led to substantial performance improvements, particularly for the Ryzen 9000 series. Microsoft has also backported these optimizations to the 23H2 version, as indicated by the “23H2 + Update” data points in the charts.
Source and images: ComputerBase