Windows 11: Security updates for "the world's most secure operating system"
Microsoft significantly expands Windows' security functions following the CrowdStrike debacle. Third-party developers are being kept on a tight leash too.
Updates are available.
(Image: Bild erstellt mit KI in Bing Designer durch heise online / dmk)
Microsoft is announcing important updates for Windows at Ignite. Security in particular is the focus of this year's in-house exhibition –. After all, Windows 11 is already "the most secure operating system in the world", as the announcement emphasizes. However, as this is apparently not enough, Microsoft has now launched the Windows Resiliency Initiative. It aims to improve security in four steps.
Firstly, Microsoft wants to learn from the knowledge gained by Windows developers after the CrowdStrike disaster. In addition, more applications and users should be able to work without admin rights. There will also be stricter controls on which applications and drivers can be executed. And finally, Microsoft wants to improve identity protection to prevent phishing attacks.
The long CrowdStrike shadow
What does this mean in concrete terms? As a result of the CrowdStrike outage, Microsoft is releasing the Quick Machine Recovery function. This allows administrators to make specific fixes to their managed systems via Windows Update –, even remotely, without the need for physical access. This should enable users to work with their computers again faster than before in the event of an error. Windows Insiders will be able to test the feature from the beginning of 2025.
Do you already know about the free iX newsletter? Register now and don't miss anything on the monthly publication date: heise.de/s/NY1E The next issue will be about the cover topic of the December iX: PyCharm, VS Code and Neovim as development environments for Python.
There are clearer announcements for security software providers: In the wake of the CrowdStrike debacle, the software company invited the partners of the Microsoft Virus Initiative (MVI) to a summit, the official results of which are now available. On the one hand, Microsoft is obliging third-party developers to test their security products more rigorously and improve their incident response processes. This includes the gradual distribution and monitoring of updates as well as recovery procedures for faulty updates.
In addition, as announced shortly after the summit, Microsoft wants to run anti-virus software outside of the Windows kernel – However, it remains to be seen whether the plan is to seal off the kernel completely. The aim is to ensure that errors in the security tools no longer paralyze the entire operating system, as happened with CrowdStrike. Partners will receive a private preview of this in July 2025.
Videos by heise
Passkeys and TPM 2.0
Finally, Microsoft refers to the most recently introduced security features, for example the extended passkey support in Windows Hello, minimum hardware requirements such as the TPM 2.0 requirement, application certifications and guidelines for this as well as improved protection of the admin rights of the respective Windows client. An overview of Microsoft's current work in the area of security can be found in the Windows 11 Security Book.
(fo)
