A company-wide commitment to security
Microsoft is steadfast in its dedication to security and reliability, as evidenced by its ongoing investments and the progression of the Secure Future Initiative (SFI). The recently released November 2025 SFI Progress Report highlights the company’s extensive commitment to safeguarding digital environments. With a workforce equivalent to 34,000 full-time engineers focused on enhancing protection, resilience, and trust, SFI stands as the most ambitious cybersecurity initiative in digital history.
The innovations within Windows and Surface are a testament to SFI’s foundational principles: Secure by Design, Secure by Default, and Secure Operations. These principles are intricately woven into both engineering processes and customer experiences, resulting in tangible advancements in security that allow organizations to maintain productivity with minimal interruptions.
Windows: advancing security and resilience for every user
The latest updates to Windows reflect a strong emphasis on security and resilience. Innovations inspired by SFI principles have led to enhanced identity protection, expedited recovery from disruptions, and seamless security updates that significantly reduce operational impact.
- Passwordless sign-in:
Windows 11 introduces Passkeys and FIDO2 credentials, allowing for secure and convenient authentication without the need for passwords. This approach mitigates the risks associated with phishing and credential theft, simplifying the sign-in process for users and IT teams alike.
Learn more about passwordless sign-in and authentication. - Phishing-resistant multi-factor authentication (MFA):
This robust MFA solution verifies identities and ensures accountable access, adhering to Zero Trust principles. It significantly lowers the chances of account compromise, with nearly all Microsoft users and devices now employing phishing-resistant methods.
Learn more about phishing-resistant MFA. - Hotpatch updates:
Windows Hotpatch enables devices to receive security updates without necessitating a restart. This feature allows users to remain productive while IT teams uphold security standards with minimal disruption. Impressively, 81% of Microsoft’s enrolled devices achieve compliance within 24 hours of Patch Tuesday.
Learn more about Windows Hotpatch. - Quick machine recovery:
In the event of a boot failure, Windows 11 can automatically initiate a secure, cloud-connected recovery process. This capability reduces downtime, facilitates remote troubleshooting, and protects against sophisticated boot-time attacks, thereby helping organizations restore productivity swiftly.
Learn more about quick machine recovery.
Surface: raising the bar for device security and trust
Surface takes the lead within the Windows ecosystem by enabling all recommended security features by default, while also developing new innovations that benefit the wider community. This leadership is evident in three primary areas:
- Industry-leading firmware security:
Surface is at the forefront of creating modern, memory-safe firmware to combat prevalent security vulnerabilities such as buffer overflows and use-after-free errors. Notably, 70% of security vulnerabilities addressed by Microsoft each year are linked to memory safety issues. By utilizing Rust-based UEFI firmware and Secure Embedded Controller designs, Surface fortifies defenses against advanced attacks and supply chain threats, establishing a resilient foundation for the future.
Learn more about Surface and memory-safe firmware. - Safer drivers for stronger devices:
Surface is pioneering the development of Windows drivers in Rust, effectively eliminating memory safety bugs that contribute to the majority of driver-related security incidents. These advancements lead to fewer vulnerabilities, more reliable updates, and a stronger foundation for all Windows devices.
Learn more about the development of Windows drivers in Rust by Surface. - Ecosystem impact and transparency:
Surface’s commitment to open-source leadership and collaborative engineering ensures that these security innovations extend beyond its own devices. Through initiatives like the Open Device Partnership (ODP), Surface shares its firmware and Rust-based Windows drivers with OEM partners, enhancing trust and transparency across the Windows ecosystem.
Learn more about the Open Device Partnership.
See the GitHub repositories for Open Device Partnership and Windows drivers in Rust.
Discover the full story: Read the November 2025 SFI Progress Report
For a comprehensive understanding of Microsoft’s security-first culture, engineering milestones, and overarching strategy, the November 2025 Secure Future Initiative (SFI) Progress Report is an invaluable resource. It offers a transparent view of measurable progress, cross-team collaboration, and the guiding principles that inform every product and service. This report serves as a definitive guide for IT leaders, partners, and end users to see how security propels innovation at Microsoft.
Learn more about security innovations at Microsoft Ignite
For those eager to delve deeper into security topics, Microsoft Ignite later this November will feature a wealth of sessions and content focused on security. Windows and Surface experts will be present to engage with attendees, offering insights, demonstrations, and practical guidance on enhancing organizational security and resilience. Join us for these sessions, either in person or online, with session recordings available on our Ignite page.
