Microsoft is set to enhance the security landscape of its Windows operating system with a series of new features that many users and administrators might have assumed were already in place. The initiatives, known as “Windows Baseline Security Mode” and “User Transparency and Consent,” aim to address suspicious activities occurring in the background while ensuring that users are informed when applications attempt to access sensitive resources, such as the device’s camera or microphone, or delve into private files.
Windows Baseline Security Mode
At the heart of these updates is the Baseline Security Mode, which will enable runtime integrity safeguards by default. This means that only applications, services, and drivers that are properly signed will be allowed to operate. However, for those instances where a legacy application is essential, users and administrators will still have the option to override these safeguards. Additionally, app developers will have the capability to verify whether these protections are active and if any exceptions have been granted.
User Transparency and Consent
The User Transparency and Consent feature promises a more detailed approach to user permissions. Unlike the current User Account Control (UAC) prompts, which often elicit little more than a dismissive click, Microsoft’s new strategy will require explicit consent from users when applications seek access to sensitive resources or attempt to install additional software.
Microsoft likens this approach to the experience on smartphones, aiming for a balance that avoids the stringent restrictions often associated with platforms like Apple’s. While users may find themselves facing an increase in prompts, Microsoft assures that these notifications will be designed to be clear and actionable, with the flexibility to review and modify choices at any time.
Despite some users questioning why such restrictions weren’t already implemented, the introduction of these features is a commendable step forward. However, it may also present additional challenges for administrators, who will need to clarify these changes to users or preemptively disable certain features to mitigate the anticipated surge in support inquiries.
Alex Ionescu, Chief Technology Innovation Officer at CrowdStrike, expressed enthusiasm about collaborating with Microsoft on this initiative. He stated, “CrowdStrike is looking forward to being an early partner in the development of a new, more secure and resilient runtime model for Windows applications, which helps raise the bar for user security and privacy.” Ionescu emphasized that when applications adhere to user consent settings with appropriate security boundaries, security software can more effectively shield users from potential threats while minimizing performance impacts.
It’s worth noting that CrowdStrike has a history of significant incidents, including a 2024 update that inadvertently rendered Windows devices inoperable worldwide. This event prompted Microsoft to reevaluate its security protocols and the extent of third-party component permissions.
Microsoft has long been vocal about its commitment to enhancing Windows security, with initiatives like the Secure Future Initiative (SFI) laying the groundwork prior to the CrowdStrike incident. However, even these efforts were unable to prevent a critical failure caused by a piece of flawed code that affected millions of Windows instances.
In light of growing user concerns regarding AI agents, Microsoft has indicated that applications and AI-driven tools will also be held to higher transparency standards. This will provide both users and IT administrators with improved visibility into the behaviors of these technologies.
While Microsoft has not specified a timeline for the rollout of these updates, it has indicated that the changes will be implemented through a phased approach, signaling a thoughtful progression toward a more secure Windows environment.
