More control, without losing transparency
With Windows Baseline Security Mode, runtime safeguards will be enabled by default and will only allow “properly signed” apps, services, and drivers to run. However, users and admins will be able to override these safeguards for specific apps when needed, and they will have visibility into what protections are active and whether any exceptions have been granted. The goal, Microsoft notes, is to help protect the system from “tampering or unauthorized changes.”
In addition, through new transparency and consent measures, users will receive prompts when apps attempt to access their sensitive data and resources, such as files, cameras, or microphones, or when they attempt to install other “unintended software.” Users can grant or deny app requests to access their protected data and hardware, and can also choose to revoke previously-granted permissions.
Microsoft calls this a “more consistent and intuitive approach” to how Windows communicates security decisions. The company says these new measures are a direct response to customers calling for “stronger, more consistent security foundations” in the company’s operating system (OS).
Read the full article here
