Microsoft Unveils New Security Features for Windows 11, Microsoft Intune, and More

Windows 11 2022 Update

Key takeaways:

  • Microsoft unveiled enhanced security features at its Surface and AI event in New York yesterday.
  • These updates include passwordless access with Passkey support in Windows 11, app control for business in Microsoft Intune, and a Config Refresh feature for IT admins.
  • Microsoft is expanding OneDrive Advanced Security to Microsoft 365 Basic, introducing credit monitoring and privacy protection in Microsoft Defender for Individuals, and preparing for the Windows 11 Fall update on September 26.

Microsoft held its Surface and AI event where the company unveiled several new security features and updates set to transform the digital landscape. With a commitment to a ‘security-first’ mindset, Microsoft is forging ahead with advancements in Windows 11, Microsoft Intune, Microsoft 365, and Microsoft Defender.

“As we rapidly iterate and improve technology, it’s imperative that we do so with a security-first mindset. This means both building products that are secure by default and ensuring that we are adopting and deploying new technologies, like AI, in a secure and responsible way,” said Vasu Jakkal, Corporate Vice President for Security, Compliance, Identity, and Management.

Enhanced passkey support in Windows 11

Microsoft plans to add a new feature that will make it possible to use Windows Hello to sign into any application or website with their fingerprint, face, or device PIN. However, users will first need to create a passkey for a passwordless experience on Windows 11 PCs. Microsoft says that users will be able to use passkeys to access several services like,, and more.

App Control for Business policies with Microsoft Intune

Microsoft is bringing new custom app control for Business policies within Microsoft Intune. App Control for Business (formerly called Windows Defender Application Control) allows customers to block potentially unwanted apps from running on Windows 11 machines. The security feature should help to protect users against malware attacks. IT admins can use Microsoft Intune or other MDM solutions to configure approved, secure, and trusted apps that can run in business environments.

Config Refresh

A new Config Refresh feature will let IT admins configure a setting in Policy Configuration Service Provider (CSP) to reset Windows 11 devices every 90 minutes or 30 minutes by default. This capability is designed to prevent malicious software or malware from making any unexpected changes in the settings configured by IT admins.

OneDrive Advanced Security coming to Microsoft 365 Basic

Microsoft is bringing several OneDrive Advanced Security features to Microsoft 365 Basic. These include expiring sharing links, unlimited files in Personal Vault, files restore, password-protected sharing links, as well as ransomware detection and recovery. These capabilities will be available for Microsoft 365 Basic subscribers on October 12.

Microsoft Defender for individuals gets credit monitoring and privacy protection

Microsoft Defender for individuals is getting support for credit monitoring and privacy protection services. The privacy protection feature prevents threat actors from stealing sensitive information when users are connected to open and public Wi-Fi networks. Moreover, credit monitoring notifies users about any malicious activities related to their credit. However, these capabilities are only available for users based in the US.

In case you missed it, Microsoft is also getting ready to release its Windows 11 Fall update on September 26. The release will include Windows Copilot, Passkey support, Windows 365 Switch and Windows 365 Boot capabilities, as well as several other Windows 365 Cloud PC features.