The latest major Windows 11 update addresses these issues by bringing in a raft of changes to cater to the new hybrid work era. The security community is cautious in its praise, complimenting Microsoft for ensuring Windows protections evolve with the growing threat landscape while wondering if the company was too late to react. “This is great [but] honestly, this level of protection should have been enabled long ago,” Matthew Fulmer, Manager of Cyber Intelligence Engineering at Deep Instinct, told Lifewire over email. “My only concern is this might be too little, too late, as threat actors already have a great grasp of Windows and how to bypass the majority of the protections in place.”
Smart Controls
The impact of the home doubling up as a place of work is something Dimitri Shelest, CEO of OneRep, which helps people remove their personal information from the internet, is all too familiar with. “The influx of businesses of all sizes demanding our services has increased substantially in 2022, as [people] suffered data exposure that affected their home and work lives,” Shelest told Lifewire over email. Running through the list of features, independent security consultant Mark Burnett, told Lifewire over email that he’s particularly pleased about the Enhanced Phishing Protection, Smart App Control, and Personal Data Encryption features. Building on this, Ryan Sturm, M365 Delivery Engineer with BlueVoyant, recounted a recent incident where he helped a relative with the aftermath of a phishing attack, where the account wasn’t protected with two-factor authentication and had poor password hygiene. “Having [enhanced phishing protection] in place would be a constant reminder to people that they need to be using unique passwords for all online accounts and whether or not one of their existing passwords is at risk and has the potential to cause them financial impacts as well depending on where they are using it,” Sturm told Lifewire over email. Sturm’s equally excited about the Smart App Control feature, hoping it’ll not require as much hand-holding as Windows Defender Application Control.
Ditching Passwords
Stephanie Benoit-Kurtz, Lead Faculty for the College of Information Systems and Technology at the University of Phoenix, believes the biggest feature improvements in this update center around identity. She specifically points to the Windows Defender Credential Guard that prevents malware from accessing system secrets and gaining administrative privileges. There’s also Local Security Authority protection that she says will, for instance, block the installation of keystroke recorders and other ways that attackers attempt to steal credentials and passwords. “The number one way that bad actors gain access is through the theft or take over of credentials,” Benoit-Kurtz told Lifewire in an email. “These new features that have been introduced really help change the game on identity, passwords, and credential security.” The two features that excite most of our experts, including Harman Singh, Director of Cyphere, are virtualization-based security (VBS) and Hypervisor-protected code integrity (HVCI). Explaining their significance, Singh said VBS, which helps Windows 11 compartmentalize different critical components to ensure compromising one doesn’t automatically give access to the other, will be particularly useful for essential system functions such as user credentials. On the other hand, HVCI will run everything virtualized, far removed from other Windows 11 critical components. “This can help mitigate attacks, such as the Genshin Impact anti-cheat campaign, which targeted casual gamers and bypassed antivirus solutions to mass-drop ransomware,” explained Fulmer, adding that having it enabled by default will add a layer of security most gamers never think they need. Burnett is impressed Microsoft has managed to extend these security features without adding an extra burden on people. He argued that while many people won’t even notice the extra security features, the features should make their presence felt through a drop in the number of malware threats. “Microsoft is pitching Windows 11 as different from other OS due to its effort on improving user safety and privacy,” agreed Singh. “Whether that delivers what it says on the tin, we will know with time.”