Following the incident that
took down thousands of Windows PCs worldwide in July of this year, Microsoft announced a set of improvements for its operating system to strengthen the reliability and security of the Windows ecosystem under the Windows Resiliency Initiative.
According to Microsoft, the Windows Resiliency Initiative focuses on four key areas: improving reliability, reducing reliance on administrative privileges, improving controls over what drivers are allowed to run, and preventing phishing attacks.
The first improvement is Quick Machine Recovery. This feature is intended to help deal with situations like the CrowdStrike outage in July 2024. Quick Machine Recovery will enable IT administrators to deploy critical fixes and Windows updates on systems that cannot boot, say, due to blue screens of death, boot loops, or other critical errors. Microsoft will make sure those fixes can be deployed remotely with no need for physical access to the target PC.
Quick Machine Recovery will be available for testing in the Insider Program in early 2025.
Windows 11 is also getting new security features to reduce risks of "overprivileged users," unverified apps and drivers, and insecure credentials.
Administrator protection, which is currently in preview, will help users with standard-permission profiles execute necessary system changes and app installations when needed. Actions that require elevated privileges will prompt authorization with Windows Hello, which, in turn, will create a temporary isolated admin token. That token is destroyed once the action is done, ensuring attackers cannot hijack elevated admin profiles.
Other changes in the Windows Resiliency Initiative that are now available or available in preview include passkey support in Windows Hello for credential protection, Smart App Control and Windows Protected Print, Personal Data Encryption for known folders, Windows Hotpatch, Configuration Refresh, and more.
www.neowin.net
