Microsoft is preparing to release a security feature update for Windows 11 (opens in new tab) with the aim of “helping protect hybrid work” from malicious applications and other potential security risks for business users. The price of this extra layer of security will be a clean reinstallation of Windows 11.
Smart App Control is designed by default to prevent you from running malicious apps downloaded from the web, according to Microsoft (opens in new tab) (thanks PCWorld (opens in new tab)). Because the app is built into the OS (hence the necessary reset), it keeps track of things at a process level, using a combination of code signing by the app creator and an “AI model for app trust” to determine if the software is secure. Any app that Windows 11 deems shady will be blocked from opening.
Smart App Control isn’t the only new feature in this security update. There are improvements coming in security and encryption of accounts and credentials. As part of Microsoft zero trust (opens in new tab) push, the idea is to improve protection against phishing attacks and better detection for users visiting websites with compromised security.
“Microsoft is continually investing in improving the Windows standard security baseline and is focused on closing gaps in key attack vectors,” says David Weston, vice president of enterprise security and operating systems at Microsoft.
These new security updates will be available as part of the upcoming “22H2” security update. This means that anyone running 22H1 or earlier on Windows 11 will have to do a mandatory system reset or you can opt out.
If you are still waiting to upgrade to Windows 11, you can wait until this update is released and not have to reinstall Windows.