Skip to main content
Microsoft Security

New security features for Windows 11 will help protect hybrid work

Attackers haven’t wasted any time capitalizing on the rapid move to hybrid work. Every day cybercriminals and nation-states alike have improved their targeting, speed, and accuracy as the world adapted to working outside the office. These changes have put “cybersecurity issues and risks” at the top of the list when it comes to worries or concerns for business decision-makers in the year ahead, as shown in new data from Microsoft‘s 2022 Work Trend Index.1 Malware, stolen credentials, phishing attacks, devices that lack security updates, user error, and physical attacks on lost or stolen devices are major concerns for security and IT teams as they try to protect their workforce.

In 2021, protections built into Windows, Azure, Microsoft 365, and Microsoft Defender for Office 365 have blocked more than 9.6 billion malware threats, more than 35.7 billion phishing and other malicious emails, and 25.6 billion attempts to hijack our enterprise customers by brute-forcing stolen passwords—that’s more than 800 password attacks per second. The intelligence we get from this, combined with the 8,500 security professionals we have and 24 trillion security signals processed by our cloud every 24 hours, gives us a unique view into what our customers need to protect themselves from threats now and in the future. The combination of modern hardware and software required for Windows 11, delivered alongside our ecosystem partners, is what will enable us to help protect our customers from wherever and however they choose to work.

Security designed for hybrid work

In a future release of Windows 11, you’re going to see significant security updates that add even more protection from the chip to the cloud by combining modern hardware and software. Microsoft has made groundbreaking investments to help secure our Windows customers with hardware security innovations like Secured-core PCs. Our data shows that these devices are 60 percent more resilient to malware than PCs that don’t meet the Secured-core specifications. The stronger protection these devices provide helped build the foundation that the Windows 11 hardware baselines were designed upon. In upcoming releases of Windows, we are advancing security even further with built-in protections to help defend from advanced and targeted phishing attacks. We’re also adding more protection for your applications, personal data, and devices and empowering IT with the ability to lock security configurations as more enterprise devices are sent directly to users. Here’s a look at what’s coming to Windows 11 to help our customers combat the biggest security challenges of distributed work scenarios and the threat landscape of the future.

Zero Trust security, from the chip to the cloud, rooted in hardware

“While the industry has made great strides in defending against increasingly sophisticated attacks, there’s always more to be done in the realm of hardware and software protection. The best way to propel the ecosystem forward and raise the bar for platform integrity is to leverage open standards; the Pluton security processor does exactly that.”—Michael Mattioli, Co-chair, Supply Chain Security Work Group at Trusted Computing Group, Vice President of Hardware Security, Goldman Sachs.

App security without the app store from Smart App Control 

Increased account and credential security

Personal Data Encryption adds a second layer of security for personal data

Protect users from themselves with Config Lock

Block vulnerable drivers by default with HVCI

The Microsoft vulnerable driver blocklist feature enabled in the Core isolation page within the Windows Security app.

Redesigning security from the chip to the cloud

Microsoft is continuously investing in improving the default security baseline for Windows and is focused on closing gaps on top attack vectors like those we shared here today. Those investments are designed to help simplify and deepen the security experience for Windows customers by default. With built-in chip to the cloud protection and layers of security, Windows 11 helps organizations meet the new security challenges of the hybrid workplace, now and in the future. With every release, we are making Windows more secure by default, designing new protections as we continue to power the future of business.

Check out our breakout security session to see how these upcoming Windows Security features help protect you from real-world attacks. And learn more about Windows 11 security in our Windows 11 Security Book.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.


1The Work Trend Index survey was conducted by an independent research firm, Edelman Data x Intelligence, among 31,102 full-time employed or self-employed workers across 31 markets between January 7, 2022 and February 16, 2022. Business leaders were asked, “When you think ahead to the next year, what are the biggest obstacles or challenges you’re most worried about?” Cyber security challenges ranked number one; meeting increased customer demands/needs and navigating external factors like supply chain disruptions and inflation ranked two and three.

2Secured-core PCs: A brief showcase of chip-to-cloud security against kernel attacks, Windows Platform Security Team, Microsoft Security. March 17, 2020.

3A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017, Tanmay Ganacharya, Microsoft Security. January 10, 2018.