Microsoft talked about new security features in Windows 11

Source: https://cobaltstrike.net/2022/04/06/microsoft-talked-about-new-security-features-in-windows-11/



Microsoft has announced a number of security improvements for devices running Windows 11, designed to help organizations better protect users and data in hybrid environments.

In particular, Microsoft introduced Microsoft Pluto, a security processor implemented directly in AMD Ryzen and Qualcomm versions. In addition, the Smart App Control function was announced, blocking the launch of unsigned and untrusted applications, and management tools included by default to protect against identity theft, user authentication and blocking vulnerable devices.

The announcement of security improvements is part of a more extensive preview of new Windows 11 and Windows 365 features for commercial users. According to the company, the functions will help organizations implement a zero-trust security model, ranging from chips to clouds.

The Pluton processor, which Microsoft reported back in November 2020, is a security processor integrated with a central processing unit. It is designed to protect encryption keys, credentials, and other information and technologies.

Pluton simulates a trusted platform module (TPM) – a chip embedded in the motherboard and providing hardware protection of the facts used during the secure boot process, and the integrity and power of attorney of the platform.

Pluton integrates the TPM functionality not into the motherboard, but directly into the CPU, which makes it more difficult for attackers to extract data from it.

The Smart App Control function prevents malicious applications from running on Windows 11 devices by blocking all unsigned or suspicious programs by default. With the help of real-time threat data collection and artificial intelligence technology, Smart App Control determines whether the application being launched is safe or poses a threat that needs to be blocked.

The next version of Windows 11 will also get the Hypervisor-Protected Code Integrity (HVCI) feature enabled by default. Among other things, this technology is designed to ensure that only safe drivers are loaded on the OS without malicious code.

Start a discussion …