CATEGORIES
home News

Facepalm: Microsoft's Huge Incoming Windows 11 Security Upgrade Requires A Clean Install

by Lane BabuderWednesday, April 06, 2022, 01:43 PM EDT
windows security news
Do you remember when Microsoft said Windows 10 is "...the last Windows?" We sure do. It is obvious now that the Redmond software giant has walked back on that claim, as it has since released Windows 11. And apparently, for Windows 11, yet another OS installation could be in your future.

According to a recent post on the Microsoft Security Blog, the latest security update to Windows 11 will include a new enhancement known as Smart App Control. For users of the OS to take advantage of the feature, Microsoft states that "Devices running previous versions of Windows 11 will have to be reset and have a clean installation of Windows 11..."

Smart App Control for Windows 11 looks to expand upon the application and code-signing model that Microsoft introduced with Windows Vista. The first iterations of application signing were much-maligned due to inconsistencies in developers adhering to the signing functionality at the time. Today it is less of a problem, and there are some easy bypasses for developers. The reason for the reinstall of Windows requirement is related to a core OS change that allows the feature to interact directly with hardware. Most notably the TPM module, a key component in security hardware and even software today, and a requirement for Windows 11 installs. There may be other headaches as well, though.

Windows Core Isolation screenshot
The Smart App Control feature works with the existing code-signing platform and an AI platform that generates a trust model via the Microsoft cloud. If it works as expected, we could see the end of the "run anyway" prompt for unsigned applications the AI model deems "safe." From an "enthusiast" standpoint, though, this feels like a double-edged sword. Many things like overclocking tools and open-source applications that are very useful are often unsigned. Those applications could be automatically considered safe by the AI models, but sometimes overclocking software can get marked as "dangerous" because they tend to modify hardware configurations.

These annoyances aside, there are a large number of significant improvements in security for this update. One major change is additional protection for the Local Security Authority. While there was an update to Microsoft Defender for this at the enterprise level recently, consumers had to sit tight. The update also includes improvements to Microsoft Defender SmartScreen for phishing detection, and Credential Guard will be on by default.

win11 generic device windows update
It does seem like Microsoft's latest major update to Windows 11 is quite possibly one of the largest security updates we've seen for Windows in a very long time. Though most of these changes we view as good things, it is annoying to have to reinstall if you want the whole package.
Tags:  Microsoft, (nasdaq:msft), windows-11
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment