Microsoft has announced a slew of new security features for Windows 11 designed specifically for ‘hybrid work.’ Essentially, these changes will result in significant security updates that will add more protection to your PC, covering everything from hardware to software to the cloud. However, one security feature may force Windows 11 users to reinstall the operating system in order to use it. The new feature in question is the ‘Smart App Control,’ which Microsoft’s Vice President of Enterprise and OS Security David Weston describes as a significant improvement to the Windows 11 security model. Windows by default prevent the execution of untrusted and unsigned applications in order to prevent users from unintentionally running harmful programs. More information can be found here: New Windows 11 encryption features and security enhancements will help protect hybrid work.
You may also check the following posts below:
- How to Block downloads on Microsoft Edge using GPO on Windows Server 2019 and 2022
- How to Upgrade Windows 11 Pro to Enterprise and vice Versa
- How to Create a Restore Point in Windows 11
Smart App Control expands on this by integrating security measures into the core of the OS at the process level, only allowing processing to run if it has been deemed safe, either through the use of proper certificates or approval from an AI model for application trust within the Microsoft cloud.
To enable the Smart App Control security feature, navigate to
Windows Security > App & Browser Control > Smart App Control.
While ensuring that Windows 11 users are safer than ever before by only allowing properly licensed and authorized programs to run, it appears that there is an unanticipated drawback. Because Smart App Control is built into the core of the operating system, new devices with fresh installs of Windows 11 will be unaffected. However, devices that are already running Windows 11 will need to be reset and reinstalled in order to take advantage of this new security feature.
It’s not surprising to see Microsoft doubling down on improving security measures in Windows 11; this is one of the reasons why Windows 11 had such stringent requirements, such as requiring TPM 2.0 for improved security. And, while Smart App Control is an intriguing addition, there is a doubt if many Windows 11 users will be willing to go through the trouble of backing up their data and reinstalling the operating system for it. Windows 11 is also struggling to achieve widespread adoption, with only nearly 20% of PCs, according to AdDuplex currently running it. I don’t think Microsoft’s move to punish early adopters will do much to persuade users to switch to Windows 11.
Weston went on to discuss other security enhancements coming to Windows 11 as part of the upcoming 22H2 security update in great detail. These improvements include improved phishing detection and protection with Microsoft Defender SmartScreen, personal data encryption, a configuration lock that monitors registry keys in the system, and improved protection against vulnerable drivers.
Enabling the New Phishing Protection
Hackers have recently targeted streaming services, parking meters, and those paying taxes, proving that phishing is still a concern. With this in mind, one of Windows 11’s newest security features is meant to fight against such attacks. This, as well as other new security enhancements, will be available later this year.
When enabled, Windows 11’s enhanced phishing protection will alert users if they enter Microsoft account information into websites or programs known for phishing scams. It also safeguards against misleading advertising.
To enable the feature, navigate to
Windows Security > App & Browser Control > Reputation-based Protection > Phishing Protection. Phishing protection can optionally warn users about reused and insecurely stored passwords.
Fortunately, there are no strict conditions attached to activating Windows 11’s phishing protection.
Microsoft also intends to implement personal data encryption, allowing Windows Hello for Business to protect users’ data on lost or stolen devices. The next version of Windows 11 will also enable Hypervisor-Protected Code Integrity by default, ensuring that only signed and trusted drivers are loaded. In the upcoming days, there will be more updates on other upcoming security features for Windows 11 operating system from Microsoft. Stay tuned!!