{"id":121820,"date":"2022-09-20T10:00:00","date_gmt":"2022-09-20T17:00:00","guid":{"rendered":""},"modified":"2025-07-03T05:00:14","modified_gmt":"2025-07-03T12:00:14","slug":"new-windows-11-security-features-are-designed-for-hybrid-work","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/","title":{"rendered":"New Windows 11 security features are designed for hybrid work"},"content":{"rendered":"\n

Attackers are constantly evolving, becoming increasingly sophisticated and destructive\u2014the median time for an attacker to access your private data if you fall victim to a phishing email is 1 hour, 12 minutes.1<\/sup> Microsoft tracks more than 35 ransomware families and more than 250 unique nation-state attackers, cybercriminals, and other actors. We have unparalleled threat intelligence\u2014processing more than 43 trillion signals per day, including 2.5 billion daily endpoint queries and 921 password attacks blocked every second. We work alongside more than 15,000 partners in our security ecosystem and we have more than 8,500 engineers, researchers, data scientists, cybersecurity experts, threat hunters, geopolitical analysts, investigators, and frontline responders across 77 countries. We combine human and machine intelligence with built-in AI to continuously learn from the attack landscape, and we have a dedicated team, the Microsoft Offensive Research and Security Engineering (MORSE), that works to stop threats before they reach your device.2<\/sup> All of this goes into the design process to deliver a more secure Windows with every release.<\/p>\n\n\n\n

\n

\u201cBecause Microsoft designed the security model of Windows 11<\/a> from the ground up to assume that some component has already been compromised, threat actors will find it orders of magnitude more difficult to remain undetected [and persist] in the environment than in traditional architectures.\u201d<\/p>\nSANS Institute<\/a><\/cite><\/blockquote>\n\n\n\n

Protection that evolves with the threat landscape<\/h2>\n\n\n\n

Today, we\u2019re proud to announce that the security features you heard about in April 2022<\/a> are now available on Windows 11.<\/strong><\/p>\n\n\n\n

Application Control<\/h3>\n\n\n\n

We\u2019ve added features that give people the flexibility to choose their own applications, while still maintaining tight security. Smart App Control<\/strong> is a new feature for individuals or small businesses designed to help prevent scripting attacks and protect users from running untrusted or unsigned applications often associated with malware or attack tools.3<\/sup> This feature creates an AI model using intelligence, based on the 43 trillion security signals gathered daily, to predict if an app is safe. App control is known to be one of the most effective approaches to protecting against malware but can be complex to deploy. Windows 11 uses the power of AI to generate a continually updated app control policy that allows common and known safe apps to run while blocking unknown apps often associated with new malware. Our customers have asked us to make this simpler and we have responded.<\/p>\n\n\n\n

The Smart App Control approach achieves the goal of making advanced app control protection widely available. Smart App Control is built on the same same OS core capabilities used in Windows Defender Application Control<\/a>. Smart App Control is provided on all Windows client editions with clean installations of Windows 11 2022 Update. Alternatively, for enterprises, your IT team can use Microsoft Intune with Windows Defender Application Control to remotely apply policies to control what apps run on workplace devices.<\/p>\n\n\n\n

Vulnerable driver protection<\/h3>\n\n\n\n

Malware increasingly targets drivers to exploit vulnerabilities, disable security agents, and compromise systems. Window 11 uses virtualization-based security (VBS) for enhanced kernel protection against potential threats.<\/p>\n\n\n\n