Security features coming to Windows 11

Microsoft just held an event to share how Windows will be updated to suit the world in a context where everyone has to work hybrid (a combination of in-person and online). At this event, Microsoft revealed a series of security features that are about to be brought to Windows 11.

First, we will see more and more models of computers using Microsoft Pluton security chips to improve safety. Interestingly, Microsoft has emphasized that Pluton will be the only processor that will be improved and updated through Windows Update thereby reducing some of the burden on businesses. Microsoft says that Pluton is optimized for Windows 11 and puts extra emphasis on its chip security strategy for cloud computing.

Hypervisor-protected Code Integrity (HVCI) will be enabled by default for more Windows 11 devices. As a result, the device will be protected against infected drivers. Vulnerable Driver Blocklist (Vulnerable Driver Blocklist) takes advantage of HVCI and Windows Defender Application Control (WDAC) for this purpose. This is a kernel-level malware damage reduction feature and will be enabled by default on machines with HVCI or Windows 11 SE.

Security features coming to Windows 11 Picture 1 Security features coming to Windows 11 Picture 1

Microsoft will also pre-install Smart App Control on new Windows 11 devices. This solution extends beyond the built-in browser guard to block any malicious apps and unregistered malicious code. Smart App Control is powered by boliwr AI and makes inferences from process improvements every second of the day to ensure that only secure apps are allowed to run. Sadly, current Windows 11 machines need to be reinstalled from scratch (a full reinstall) to take advantage of this feature.

Advanced phishing detection and prevention with Microsoft Defender SmartScreen in Windows alerts users when they insert credentials into a malicious application or website.

Likewise, Credential Guard will use hardware-assisted, virtualization-based security that will be enabled by default on Windows 11. Local Security Authority (LSA) additional protection to Identity confirmation of Windows 11 computers of participating businesses will also be implemented by default in the operating system in the near future.

Personal Data Protection will also be available in Windows 11. To access privileged protected data, users will first need to authenticate through Windows Hello for Business. This ensures that even if your device is lost or stolen hackers cannot access sensitive data.

Finally, Microsoft also reminds businesses and organizations about Config Lock, which is available in Windows 11. This is a function used to monitor registry keys and ensure that they comply with regulations and standards set by the organization. your position and the IT industry set.