Microsoft Unveils Enhanced Mobile-Style Security Controls for Windows

Windows 11 to Implement Smartphone-Style App Permission Prompts

Microsoft is set to introduce smartphone-style app permission prompts in Windows 11, requesting user consent before apps can access sensitive resources like files, cameras, and microphones.

The new “Windows Baseline Security Mode” and “User Transparency and Consent” changes mark a significant shift for the operating system, which now powers over 1 billion devices.

According to Windows Platform engineer Logan Iyer, the updated security model aims to address issues such as applications overriding settings, installing unwanted software, or modifying core Windows experiences without obtaining user consent.

Following the transparency and consent changes, Windows will prompt for permission when apps attempt to install unwanted software or access sensitive resources, similar to smartphones. This will allow users to adjust their choices at any time after accepting or denying access requests.

The Baseline Security Mode will enforce runtime integrity safeguards by default, ensuring that only properly signed apps, services, and drivers can run. However, users and IT administrators will still have the option to override these safeguards for specific apps when necessary.

Iyer explained, “Just like on their mobile phones, users will be able to easily identify which apps have access to sensitive resources such as the file system, camera, and microphone. If they come across an unfamiliar app, they can revoke its access.”

Users will have control over how apps access their personal data and device features, receiving clear prompts to grant or deny permissions. They can also revoke previously granted permissions.

These changes will be rolled out gradually in collaboration with developers, enterprises, and ecosystem partners, with adjustments based on feedback.

The initiative is part of Microsoft’s Secure Future Initiative (SFI), launched in response to the U.S. Department of Homeland Security’s Cyber Safety Review Board labeling Microsoft’s security culture as “inadequate.” This followed a breach by Chinese hackers in which a Microsoft consumer signing key was stolen.

As part of the SFI, Microsoft is enhancing security measures, including securing Entra ID sign-ins, disabling ActiveX controls, and updating Microsoft 365 security defaults.

Iyer emphasized, “Apps and AI agents will be held to higher transparency standards, providing users and IT administrators with better insight into their actions. These updates enhance security and privacy on Windows, empowering users with more control over their system and data access.”

Modern IT infrastructure outpaces manual workflows. Learn how to reduce delays, enhance reliability, and build intelligent workflows in the new Tines guide.

Get the guide