Microsoft announces new mobile-style Windows security controls

Microsoft wants to introduce smartphone-style app permission prompts in Windows 11 to request user consent before apps can access sensitive resources such as files, cameras, and microphones.

The “Windows Baseline Security Mode” and “User Transparency and Consent” initiatives represent a major shift for the operating system that now powers more than 1 billion devices.

Windows Platform engineer Logan Iyer said that this new security model was prompted by applications increasingly overriding settings, installing unwanted software, or even modifying core Windows experiences without obtaining user consent.

After the transparency and consent changes roll out, Windows will prompt for permission when apps try to install unwanted software or access sensitive resources, as smartphones do. Users will be able to change their choices at any time after accepting or denying an access request.

Windows Baseline Security Mode will enable runtime integrity safeguards by default, ensuring that only properly signed apps, services, and drivers can run, but still allowing users and IT administrators to override these safeguards for specific apps when needed.

“Just like they do today on their mobile phones, users will be able to clearly see which apps have access to sensitive resources, including file system, devices like camera and microphone, and others. If they see an app that they don’t recognize, they will be able to revoke access,” Iyer said.

“Users will have transparency and consent control over how apps access their personal data and device features. They will receive clear prompts to grant or deny apps permission to access protected data and hardware. Users will also be able to revoke permissions they have previously granted.”

The changes will roll out as part of a phased approach developed “in close partnership” with developers, enterprises, and ecosystem partners, with Microsoft planning to adjust the rollout and the controls based on feedback.

The action is part of Microsoft’s Secure Future Initiative (SFI), launched in November 2023 after the Cyber Safety Review Board of the U.S. Department of Homeland Security tagged the company’s security culture as “inadequate.” The board’s report was issued following an Exchange Online breach by Storm-0558 Chinese hackers who stole a Microsoft consumer signing key in May 2023 to gain widespread access to Microsoft cloud services.

As part of this initiative, Microsoft has also announced plans to secure Entra ID sign-ins against script-injection attacks, disabled all ActiveX controls in Microsoft 365 and Office 2024 Windows apps, and updated Microsoft 365 security defaults to block access to SharePoint, OneDrive, and Office files via legacy authentication protocols.

“Apps and AI agents will also be expected to meet higher transparency standards, giving both users and IT administrators better visibility into their behaviors,” Iyer added. “These updates raise the bar for security and privacy on Windows, while giving you more control and confidence in how your system and data are accessed.”
