The just-released Windows 11 2022 Update is bringing several new security features to the OS. The first major update for Windows 11 brings a new Smart App Control feature that lets users automatically block potentially dangerous apps from running on Windows 11 PCs.
“This feature creates an AI model using intelligence, based on the 43 trillion security signals gathered daily, to predict if an app is safe,” explained David Weston, Vice President, Enterprise and Operating System Security. “Windows 11 uses the power of AI to generate a continually updated app control policy which allows common and known safe apps to run while blocking unknown apps often associated with new malware.”
Smart App Control is available on new devices that ship with the Windows 11 2022 Update. Moreover, existing users will need to clean install the latest update to use Smart App Control on their devices. It is also possible for IT admins to use Microsoft Intune with Windows Defender Application Control to apply policies.
Many other new security features and management tools coming with the Windows 11 2022 Update were originally announced during Microsoft’s hybrid work event back in April. Let’s dive into the details below.
Microsoft has announced that virtualization-based security (VBS) capabilities are now enabled by default on all new Windows 11 devices. These include a hypervisor-protected code integrity (HVCI) feature that helps to prevent malware from being injected into the Windows kernel. Moreover, the Microsoft vulnerable driver block list policy is now on by default for new Windows 11 devices and can be enforced via the Windows Security app.
Microsoft has introduced two new security features to protect customers from identity theft. First off, Microsoft has enabled Credential Guard by default on Windows 11 Enterprise editions. The feature leverages VBS to protect customers from credential theft with techniques like pass-the-hash and also prevents malware from accessing system secrets.
Additionally, Microsoft has enabled another security feature that prevents malicious programs from abusing the Local Security Authority (LSA) process. Specifically, the feature ensures that the process only loads trusted and signed code to prevent credential theft on new enterprise-joined Windows 11 devices.
Microsoft Defender Smart Screen is getting new phishing protection capabilities on Windows 11 PCs. The security feature alerts customers while entering credentials into a compromised application or website. It also prevents users from reusing passwords and storing them in unsafe locations on the system.
Microsoft has also released some improvements for Windows Hello for Business. The update adds a new presence sensing option for Windows 11 machines that come with presence sensors. The feature uses Windows Hello for Business securely log in and lock devices when a user approaches or leaves. Microsoft has also removed the public key infrastructure (PKI) requirements to make it easier for IT admins to deploy Windows Hello for Business.
The Windows 11 2022 Update brings a new config lock feature that offers additional protection against unexpected device state changes. It lets IT admins use MDM policies to monitor registry keys on each machine. When a change is detected, Config lock automatically reverts it to the desired security policies within seconds. The feature is designed to reduce some burden on IT and security teams.
Lastly, Microsoft has highlighted the commercial launch of its Pluton security processor. The new chip is available on select Windows 11 PCs with AMD or Qualcomm processors. Microsoft says that devices with the Pluton security chip will receive firmware updates through Windows Updates without any manual effort.
In addition to these security-related features, the Windows 11 2022 Update also brings various new features, including system-wide Live Captions, improvements for Snap Layouts, and Focus sessions. There are also some new features for Microsoft Teams meetings, and you can find more details in our separate post.