Microsoft has unveiled significant improvements to Windows security, focusing on user protection and enhanced information access. As part of the Secure Future Initiative, announced in November 2023, Windows will now include default runtime integrity safeguards.
Introduction of Windows Baseline Security Mode
To bolster security measures, Microsoft is introducing the Windows Baseline Security Mode. This feature is designed to ensure that only verified applications, drivers, and services are permitted to operate, effectively reducing the risk of tampering and unauthorized modifications.
In scenarios where exceptions are necessary, both users and administrators will have the capability to bypass these safeguards. Additionally, developers can monitor the activation status of these protections and any granted exceptions, providing them with enhanced control over their applications’ operational conditions.
Enhanced Secure Boot and User Transparency
Coinciding with this announcement, Microsoft disclosed that Secure Boot certificates are set to expire in June, with updated certificates to be distributed to compatible Windows versions. Secure Boot is critical for safeguarding devices from unauthorized software during startup.
Furthermore, Microsoft is enhancing transparency with the introduction of User Transparency and Consent. This feature will alert users when applications attempt to access sensitive resources or install additional software, offering clear, actionable prompts and the ability to review and alter choices later.
Developers and IT Administrators: New Tools and Expectations
Microsoft emphasizes the need for higher transparency standards for apps and AI agents, benefiting both users and IT administrators by providing better insight into application behaviors. The goal is to give users greater visibility and control over how applications access personal data and device resources.
To support developers, Windows will offer tools and APIs to facilitate the adoption of these new security and privacy standards. Existing compliant applications will continue to function, allowing developers to adapt to the new requirements at a gradual pace.
Microsoft plans to implement these enhancements in stages, collaborating with developers and partners to incorporate feedback and ensure a smooth transition.
These updates are part of a broader strategy to strengthen digital security and privacy, aligning with Microsoft’s commitment to a safer computing environment.
