Microsoft is getting ready to launch a security feature update for Windows 11 (opens in new tab) aimed to “help protect hybrid work” from malicious apps and other potential security risks for enterprise users. The price for this extra layer of security is going to be a clean reinstall of Windows 11.
Smart App Control is designed by default to prevent you from running malicious apps downloaded from the web, according to Microsoft (opens in new tab) (thanks PCWorld (opens in new tab)). Since the app is woven into the OS (hence the required reset), it keeps track of things on a process level, using a combo of code-signing by the app maker and an “AI model for application trust” to determine if the software is safe. Any app Windows 11 considers shady will be blocked from opening.
Smart App Control isn’t the only new feature coming in this security update. There are improvements coming in account and credentials security and encryption. As a part of Microsoft’s Zero Trust (opens in new tab) push, the idea is to improve protection against phishing attacks and better detection for users visiting websites with compromised security.
“Microsoft is continuously investing in improving the default security baseline for Windows and is focused on closing gaps on top attack vectors,” says David Weston, VP of enterprise and OS security at Microsoft.
These new security upgrades will be available as part of the upcoming “22H2” security update. This means anyone running 22H1 or older on Windows 11 will have to do a mandatory system reset, or you can opt-out.
If you’re still waiting to upgrade to Windows 11, you can hold off until this update goes live and skip having to reinstall Windows.