One of the more useful upcoming features within Windows 11 carries with it a major pain point: you’ll need to reset your PC to use it.
Security was arguably one of the fundamental reasons for launching Windows 11, as Windows 11’s restrictive hardware requirements proved. And more are on their way. “In a future release of Windows 11 you’re going to see significant security updates that add even more protection from the chip to the cloud by combining modern hardware and software,” David Weston, vice president of OS security and enterprise at Microsoft, wrote in a blog post on Tuesday.
Microsoft held a “future of hybrid work” seminar on Tuesday, explaining how Microsoft’s Windows 11 and its related technologies would benefit commercial customers and consumers alike. Microsoft announced its new security features alongside a tabbed File Explorer and other new upcoming Windows 11 features, plus specific enhancements for videoconferencing that include AI-generated Eye Contact.
One of those key features is Smart App Control, which Weston described as a “major enhancement to the Windows 11 security model.” Simply put, Smart App Control uses similar techniques as SmartScreen, the protections Microsoft built into Edge, to protect your PC. While SmartScreen uses various signals to alert you that a website might attack your PC via malware or a phishing attack, Smart App Control is baked into the Windows 11 operating system to provide similar protections against malicious apps you may download without truly knowing if they’re safe or not. Each new app that’s run on Windows 11 is checked against this threat intelligence to determine if it will be potentially harmful or not.
Early Windows 11 adopters, however, will essentially be penalized. If you buy a new PC with Windows 11 pre-installed, Smart App Control will automatically be installed. Older devices won’t. “Devices running previous versions of Windows 11 will have to be reset and have a clean installation of Windows 11 to take advantage of this feature,” Weston wrote.
Microsoft has always said that its own Microsoft Store is vetted and will provide secure, trusted apps. But Windows has always allowed users to “sideload” third-party apps and games, and it’s these apps, utilities, and games that Microsoft will more closely inspect.
Other new security features are coming
Microsoft is also baking Microsoft Defender SmartScreen into the OS, which will help protect users from phishing attacks. Presumably, that protection would be available no matter which email client you use.
Microsoft will also add increased encryption on Windows 11 devices, though the company isn’t making clear whether it will be reserved for Windows 11 Enterprise editions or Windows 11 as a whole. A new Personal Data Encryption feature accessible for applications and IT departments will leave users’ data encrypted when a user isn’t signed in. Users must authenticate with Windows Hello for Business to access the data, linking data encryption keys with a user’s passwordless credentials.
Finally, Microsoft is trying to promote Pluton, its security processor that it co-designed with AMD. So far, however, top laptop vendors are ignoring Pluton in favor of Intel’s vPro technology.