Back in April, Microsoft introduced a number of new security features for Windows 11 and announced that they would be coming soon to a “future release” of the OS. It turns out that in this statement, the company was referring to the Windows 11 2022 update, which is now out. Microsoft has confirmed that all of the security improvements announced months ago are now publicly available in Windows 11.
This time the headliner is Smart App Control, which is based on an artificial intelligence model and helps to detect and block potentially unsafe applications from running on your PC. Intelligent Application Control is built on top of Windows Defender Application Control (WDAC) and processes signals daily. However, as explained earlier, you will need to perform a clean install of your PC in order to use this feature. The feature is intended for individuals and small businesses.
In terms of driver protection, we have Hypervisor Code Integrity Protection (HVCI) and a list of blocked vulnerable drivers, both of which will be enabled by default.
The former actually runs the kernel code in a virtualization-based security (VBS) environment using a Kernel Mode Integrity (KMCI) check instead of the actual Windows kernel. This process ensures that all kernel code is verified, secure, and signed before it is allowed to run in the Windows kernel. In essence, this is protection against malware at the kernel level. Meanwhile, the list of blocked vulnerable drivers will protect your computer from malicious drivers and related behaviors.
In terms of small improvements and existing features, we have the following:
- Windows Defender Credential Guard is enabled by default in Windows 11 Enterprise to protect against credential theft.
- Credential isolation with Local Security Authority (LSA) protection is enabled by default to verify the identity of Windows 11 computers connected to your organization.
- Microsoft Defender Smartscreen’s advanced phishing detection will tell you when you enter your credentials in a known, compromised app or website.
- Windows Hello for Business allows you to work without a password and also simplifies deployment.
- Devices with presence sensors now allow secure, hands-free sign-in with Windows Hello.
- Config Lock can be used to monitor registry keys and ensure they meet baselines set by your organization and the IT industry as a whole.
Finally, Microsoft stressed the importance of a PC with the Microsoft Pluton security chip, which guarantees increased security at the hardware level. And for Windows 11 Insiders using a PC with a secure core to protect against firmware compromise, a new prompt will appear in the Windows Security app to alert them if their device supports Windows Defender System Guard but it’s not enabled. This feature will be available to the general public soon, but is not yet included in the Windows 11 2022 update.