Major Windows 11 update takes strides towards the holy grail of security

Microsoft says Windows 11 updates aim to deliver security ‘by default’

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Microsofthas lifted the lid on a wealth ofWindows 11updates that it hopes will help alleviate common headaches for IT professionals.

Announced as part of the company’sWindows Power the Future of Hybrid Workevent, the new features equip Microsoft’soperating systemwith additionalcybersecurityoptions to shield users against phishing andmalwareattacks.

There are also improvements from a management perspective, with new features designed to automate thepatchingprocess acrossWindows 11, Edge and Office and simplifyidentity management.

Windows 11 security upgrades

Microsoft claims that protections built into its various services blocked almost 10 billion malware threats, 35 billion maliciousemailsand 25.6 billionpassword-related attacks last year. However, the results of its latest Work Trend Index indicate that businesses continue to feel vulnerable in the newhybrid workingenvironment.

To further harden its defenses, Microsoft is preparing a series of changes for Windows 11 that should help guard against both the most common and most advanced threats.

“Microsoft is continuously investing in improving the default security baseline for Windows and focused on closing gaps on top attack vectors,” wrote David Westonm, VP Enterprise and OS Security at Microsoft.

“With built-in chip tocloudprotection and layers of security, Windows 11 helps organizations meet the new security challenges of the hybrid workplace, now and in the future. With every release we are making Windows more secure by default, designing new protections as we continue to power the future of business.”

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Specifically, Microsoft has developed a new AI-enabled system that stops users running malicious apps on Windows devices, called Smart App Control. The feature leans on an AI model hosted in the Azure cloud to assess the level of threat posed by an executable; if the threat level is high, the application will not be allowed to run.

Microsoft Defender, the in-built Windows 11antivirusservice, will also receive new functionality that protects against phishing attacks by alerting users when they are about to enter their Microsoft account credentials into an untrustworthy website. And in the event a device is stolen or misplaced, new Personal Data Encryption protections will ensure data is resistant to attack.

Lastly, Microsoft has already rolled out an update called Config Lock, which is said to “protect users from themselves”. The feature monitors registry keys to ensure that workers’ devices remain compliant with company security standards. If a breach of policy is detected, the device is automatically reverted to the desired state.

Making management simple

Microsoft is also striving to make the lives of IT professionals simpler, with new functionality that streamlines theendpointmanagement process.

Over the next year, Microsoft says it will roll out a range of updates to give administrators greater oversight and tighter control over Windows 11 endpoints, and minimize the number of queries that need to be actioned by IT.

These improvements will include a feature that automatically sniffs out unpatched software that may be open to attack and installs the relevant updates, and functionality that allows IT departments to temporarily elevate the privileges of a non-administrator when necessary, minimizing the burden onhelpdesks.

A separate update will focus on providing employees with secure access to company resources, enablingVPNconnections that link unenrolled mobile devices to on-premise resources.

Finally, the company is developing a new cloud certificate management solution for public key infrastructure (PKI) designed to make it easier for IT departments to provide employees with the tools they need to do their jobs, which has historically been more complex than any end user might realize.

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He’s responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

NYT Strands today — hints, answers and spangram for Sunday, November 10 (game #252)