Windows 11 gets Smart App Control and more security features


The Windows 11 2022 update that has just been released brings several new security features to the operating system. The first major update for Windows 11 brings a new Smart App Control feature that allows users to automatically block potentially harmful apps from running on Windows 11 PCs.

“This feature creates an AI model that uses intelligence, based on the 43 trillion security signals collected daily, to predict whether an application is safe,” said David Weston, vice president, Enterprise and Operating System Security. . “Windows 11 uses the power of AI to generate a continuously updated app control policy that allows common and known safe apps to run while blocking unknown apps often associated with new malware.”

Smart App Control is available on new devices that shipped with Windows 11 2022 Update. Also, existing users will need to cleanly install the latest update to use Smart App Control on their devices. It is also possible for IT administrators to use Microsoft Intune with Windows Defender Application Control to enforce policies.

Many other new security features and management tools that come with Windows 11 2022 Update were originally announced at Microsoft’s Hybrid Labor event in April. Let’s dive into the details below.

Integrity of code protected by the hypervisor

Microsoft has announced that Virtualization-Based Security (VBS) features are now enabled by default on all new Windows 11 devices. These include a Hypervisor Protected Code Integrity (HVCI) feature that helps to prevent the injection of malware into the Windows kernel. Additionally, Microsoft’s Vulnerable Driver Blocklist policy is now enabled by default for new Windows 11 devices and can be enforced through the Windows Security app.

Credential and account protection features

Microsoft has introduced two new security features to protect customers against identity theft. First, Microsoft enabled Credential Guard by default on Windows 11 Enterprise editions. The feature leverages VBS to protect customers against credential theft with techniques such as pass-the-hash and also prevents malware from accessing system secrets.

Additionally, Microsoft has enabled another security feature that prevents malware from abusing the Local Security Authority (LSA) process. Specifically, the feature ensures that the process only loads trusted and signed code to prevent credential theft on new enterprise-integrated Windows 11 devices.

Microsoft adds Smart App Control and more security features to Windows 11

Microsoft Defender Smart Screen gets new phishing protection features on Windows 11 PCs. The security feature alerts customers when entering credentials into a compromised app or website. It also prevents users from reusing passwords and storing them in dangerous places in the system.

Microsoft also released some improvements for Windows Hello for Business. The update adds a new presence detection option for Windows 11 machines equipped with presence sensors. The feature uses Windows Hello for Business to securely sign in and lock devices when a user approaches or leaves. Microsoft has also removed public key infrastructure (PKI) requirements to make it easier for IT administrators to deploy Windows Hello for Business.

Windows 11 version 22H2 adds support for Config Lock

Windows 11 2022 Update brings a new Configuration Lock feature that provides additional protection against unexpected device state changes. It allows IT administrators to use MDM policies to monitor registry keys on each machine. When a change is detected, Configuration Lock automatically reverts it to the desired security policies in seconds. This feature is designed to reduce the burden on IT and security teams.

Finally, Microsoft highlighted the commercial launch of its Pluto security processor. The new chip is available on select Windows 11 PCs with AMD or Qualcomm processors. Microsoft says devices with the Pluto security chip will receive firmware updates through Windows Updates without any manual effort.

In addition to these security-related features, Windows 11 2022 Update also brings various new features including system-wide live captions, improvements for Snap layouts and Focus sessions. There are also new features for Microsoft Teams meetings, and you can find more details in our separate article.


Comments are closed.