Add Windows Hello PIN to conclusion and enhance security details in identity protection documentation

windows/security/book/conclusion.md

@@ -33,6 +33,7 @@ Enhanced:
 - [Personal data encryption (PDE)](operating-system-security-encryption-and-data-protection.md#personal-data-encryption-pde)
 - [Server Message Block file services](operating-system-security-network-security.md#server-message-block-file-services)
 - [Universal Print](cloud-services-protect-your-work-information.md#universal-print)
+- [Windows Hello PIN](identity-protection-passwordless-sign-in.md#windows-hello-pin)
 - [Windows Local Administrator Password Solution (LAPS)](cloud-services-protect-your-work-information.md#windows-local-administrator-password-solution-laps)
 - [Windows Subsystem for Linux (WSL)](application-security-application-isolation.md#windows-subsystem-for-linux-wsl)
 

windows/security/book/identity-protection-passwordless-sign-in.md

@@ -35,6 +35,10 @@ The Windows Hello PIN, which can only be entered by someone with physical access
 
 The TPM protects against threats including PIN brute-force attacks on lost or stolen devices. After too many incorrect guesses, the device locks. IT admins can set security policies for PINs, such as complexity, length, and expiration requirements.
 
+[!INCLUDE [new-24h2](includes/new-24h2.md)]
+
+If you're using a device without built-in biometrics, Windows Hello has been further strengthened by default to use Virtualization-based Security (VBS) to isolate credentials. This added layer of protection safeguards against admin-level attacks. Even if you sign in with a PIN, your credentials remain secure thanks to VBS.
+
 ### Windows Hello biometric
 
 Windows Hello biometric sign-in enhances both security and productivity with a quick and convenient sign-in experience. There's no need to enter your PIN; simply use your biometric data for an easy and delightful sign-in.