Microsoft Introduces Two New Desktop Security Initiatives
Microsoft has announced significant updates to its Windows operating system aiming to bolster runtime security and enhance user awareness regarding app permissions on sensitive desktop resources, such as files, cameras, and microphones.
As part of these initiatives, the tech giant stated that Windows will now only execute applications, services, and drivers that are properly signed, a measure included in what it refers to as Baseline Security Mode. This mode introduces various security controls, such as restricting desktops from opening files when HTTP or FTP protocols are enabled, effectively minimizing the risk of unauthorized data access.
Further provisions include the prohibition of legacy authentication protocols, thereby mandating the use of multifactor authentication, and preventing users from creating custom scripts on SharePoint sites. Administrators retain the ability to bypass these default security settings.
Microsoft’s new user prompts are part of an initiative dubbed “User Transparency and Consent,” which aims to create a more robust security model. Through this model, app behaviors are made more visible, and permissions are designed to be more easily understood and managed, reminiscent of the access notifications familiar to smartphone users.
In addition, the company indicated that artificial intelligence agents will be required to adhere to stricter transparency standards, enhancing visibility for both users and IT administrators regarding their activities.
These moves align with Microsoft’s ongoing efforts to prioritize cybersecurity and resilience in response to past incidents involving nation-state hacking. In a notable event from January 2024, Russian cyber actors successfully infiltrated source code repositories and internal systems, while a Chinese group, known as Storm-0558, compromised Microsoft Outlook, acquiring emails from 25 organizations in July 2023.
An official report linked the Storm-0558 incident to deficiencies in Microsoft’s corporate emphasis on enterprise security investments, suggesting that such oversights contributed to avoidable breaches. In response, Microsoft launched the “Secure Future Initiative,” with a pledge to integrate cybersecurity into core operations.
Despite these advances, concerns have emerged regarding the effectiveness of the initiative. Former Microsoft threat intelligence analyst Kevin Beaumont recently indicated that enthusiasm for cybersecurity measures within the company may be diminishing, noting that the integration of cybersecurity into employee performance reviews has become diluted over time, raising questions about the sustained focus on security.
Reporting by David Perera at Information Security Media Group highlights these developments, focusing on the implications for cybersecurity practices moving forward.