Microsoft has added new security features to Windows 11 to help protect hybrid work. A future version of Windows 11 will bring many significant security changes. These changes will make it even more difficult for hackers to get into your computer. Microsoft is always working to improve the default security level of Windows. In Windows 11, layers of security protect the device from the built-in chip to the cloud.
This helps organizations meet the new security challenges of the hybrid workplace now and in the future. David Weston, VP of enterprise and OS security at Microsoft, said this: “We need to make sure that we will not get hacked again.” In the next version of Windows, we will make security even better. We’re adding built-in protections that can help you defend against more sophisticated and targeted phishing attacks. The new security features announced for Windows 11 are:
- Pluton SHIPPING
- HVCI/VBS on default ALL CPUs
- Credential Guard default ON
- LSASS Protection default ON
- EXE signed or rep REQUIRED
- Script Blocking from Internet ON
- Enhanced Phishing ON
- File Layer Encryption with Hello ON
People working in hybrid environments can rely on many security features in Windows 11. In Windows 11, hardware and software operate together to keep your computer safe, from the CPU to the cloud, so that you can work without trouble.
Windows 11’s New Security Features
In Windows 11, there will be many more security features that make it easier to keep your work and personal data safe. Pluton, Default App Control, Default Credential Protection, phishing protection, and Personal Data Encryption will be added.
Microsoft Pluton Processor
Microsoft Pluton is built on Zero Trust principles. Security features in Windows 11 help protect the OS and the user’s credentials as soon as the device starts up. These include TPM 2.0, firmware and identity protection, Direct Memory Access protection, Memory Integrity protection, etc.
Many important security and functionality updates arrive through Windows Update. Pluton is the only security processor that stays up to date with these updates, just like any other Windows component. Combined with Microsoft’s work with others, such as Project Cerberus, the Pluton processor makes the computer more secure. Cerberus can verify the CPU’s identity, which makes the computer more secure as a whole.
Pluton also solves a big security problem: it makes it easy to keep the system firmware up to date across the whole PC ecosystem. With Pluton, your computer can run firmware written, maintained, and updated by Microsoft. Pluton is a flexible, updatable platform for running this firmware. Microsoft will make Pluton for Windows computers work with the Windows Update process in the same way that the Azure Sphere Security Service connects to IoT devices.
Smart App Control
Smart App Control is a big change to the Windows 11 security model. It prevents users from running malicious apps on Windows devices by blocking untrusted or unsigned apps by default. When an application is run on Windows 11, its code signing and core characteristics are checked against this model to ensure only safe apps can run.
This means that Windows 11 users can be confident that the apps they use on their new Windows devices are safe and reliable. New devices with Windows 11 will ship with Smart App Control already included. To use this new feature, devices that already run Windows 11 will have to be reset and start over with a new installation of Windows 11.
Another one of the new security features in Windows 11 is Password Security for Microsoft Defender SmartScreen. Microsoft Defender SmartScreen, built into Windows, will help protect users from phishing attacks by alerting them when they enter their Microsoft credentials into a malicious app or a hacked website.
This makes Windows the first operating system in the world with phishing safeguards that are built into the platform and shipped right out of the box, helping people stay productive and safe without having to learn how to be their own IT department.
In the future, Credential Guard will be turned on by default for organizations that use the Enterprise edition of Windows 11. Credential Guard uses hardware-backed, virtualization-based security to help protect your computer from attacks like pass-the-hash or pass-the-ticket. It also helps keep malware from getting hold of system secrets even if it is running as an admin.
Additional security for the Local Security Authority (LSA)
Windows has several important mechanisms for verifying that a user is who they say they are. The Local Security Authority (LSA) is one process that authenticates users and verifies Windows logins. It handles user credentials, like passwords and tokens used for single sign-on to Microsoft accounts and Azure services. LSA protection will be turned on by default on new, enterprise-joined Windows 11 devices. This will make it much more difficult for hackers to steal credentials because LSA will load only trusted, signed code.
Secured-Core Configuration Lock (Config Lock)
Config Lock is one of the new security features in Windows 11 that makes it even safer. This feature is called Configuration Lock, and it’s part of Microsoft’s Secured-Core PC (SCPC). It makes sure that the configuration of Secured-Core PC features doesn’t change because of accidental misconfiguration. It’s called a “Config Lock,” and it makes it.
- IT can now “lock” Secured-Core PC features when they are managed through MDM
- Detects drift and remediates within seconds
- DOES NOT stop malicious attacks.
Windows 11 with Configuration Lock lets IT administrators keep the OS configuration where they want it to be and stop it from changing. With Config Lock, the OS monitors the registry keys that control each feature. When it detects a change, it reverts to the state the IT department wants within seconds. Monitoring registry keys through mobile device management (MDM) policies can help you make sure that the devices in your ecosystem meet industry and company security standards.
This feature is already available in Windows 11. If Config Lock recognizes a change in the registry keys, it automatically puts the affected system back, within seconds, to the way it was when it was set up by IT. With Config Lock, IT admins can be sure that the devices in their company are safe and that users haven’t changed important security settings.
Block Vulnerable Drivers with Hypervisor-Protected Code Integrity (HVCI)
In the next version of Windows, HVCI will be turned on by default on a wider range of devices running Windows 11. This feature stops hackers from putting their own malicious code, such as WannaCry, on the computer. It also helps ensure that all the drivers on the computer are signed and safe.
You can set up Windows Defender Application Control (WDAC) to automatically block drivers that are known to be vulnerable. This helps prevent advanced persistent threats (APTs) and cyberattacks from using and exploiting known vulnerable drivers.
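A read-only check of whether the default-on protections described above (virtualization-based security, Credential Guard, HVCI and LSA protection) are active on a device. This is an added example, not code from the article or from Microsoft's announcement; it assumes an elevated PowerShell session and relies on the Win32_DeviceGuard CIM class and the RunAsPPL value under the Lsa registry key.

```powershell
# Added example: audit which Windows 11 protections are active on this device.
# Read-only; run from an elevated PowerShell session.

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value is absent (feature not configured).
    (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name
}

function Get-SecurityBaselineReport {
    # Win32_DeviceGuard reports what is actually running, not only what is configured.
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                          -ClassName Win32_DeviceGuard -ErrorAction SilentlyContinue

    $runAsPpl = Get-RegValue 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa' 'RunAsPPL'

    $checks = [ordered]@{
        # VirtualizationBasedSecurityStatus: 0 = off, 1 = enabled, 2 = running
        'VBS running'               = ($dg.VirtualizationBasedSecurityStatus -eq 2)
        # SecurityServicesRunning: 1 = Credential Guard, 2 = HVCI (memory integrity)
        'Credential Guard running'  = ($dg.SecurityServicesRunning -contains 1)
        'HVCI running'              = ($dg.SecurityServicesRunning -contains 2)
        # RunAsPPL: 1 = enabled with UEFI lock, 2 = enabled without UEFI lock
        'LSA protection configured' = ($runAsPpl -in 1, 2)
    }

    foreach ($entry in $checks.GetEnumerator()) {
        [pscustomobject]@{
            Protection = $entry.Key
            Enabled    = [bool]$entry.Value
        }
    }
}

$report = Get-SecurityBaselineReport
$report | Format-Table -AutoSize

# List anything that is off so it can be followed up in MDM or Group Policy.
$missing = $report | Where-Object { -not $_.Enabled }
if ($missing) {
    Write-Warning ("Not active: " + ($missing.Protection -join ', '))
}
```

LSA protection configured through the registry takes effect at the next boot, so a value of 1 or 2 here shows intent; the running state of the other three comes from the hypervisor-backed services themselves.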