The Microsoft Windows 11 update rolled out on September 26, 2023. This update is packed with significant security enhancements that contribute to making it the most personalized and intelligent Windows experience to date. Here are some of the key security features:
Creating a Password-Free Future
Microsoft have long discussed a vision for a future without passwords. Given that passwords are a major gateway for attacks—with over 4,000 password attacks occurring every second, a nearly three-fold increase from last year—it’s crucial for both organizations and individuals to adopt passwordless options.
Enhancing Passwordless Experience
From day one, IT teams will have the capability to disable the password entry option for all Windows 11 devices using Windows Hello for Business. This encourages employees to utilise more secure login alternatives.
Expanding Passkeys Usage
Over the past few years, Microsoft has collaborated with industry partners and the FIDO Alliance to promote a passwordless future with passkeys. Passkeys represent the future of accessing websites and applications across platforms and ecosystems. Windows 11 users can now make better use of passkeys. After setting up a passkey with Windows Hello, you can access a website or application using your face, fingerprint, or device PIN. You can manage passkeys stored on your Windows PC and sign in using passkeys saved on your mobile phone for added convenience. Passkeys can be used on a range of services such as GitHub.com, DocuSign.com, and more.
Custom App Control for Business Policies via Microsoft Intune
Applications are vital to our digital experiences, but they can also serve as gateways for threats. With application control, only approved apps that have earned trust are allowed to run on devices. This prevents unwanted or malicious code from running and is a key component of a robust security strategy. Application control is often recognized as one of the most effective defences against malware. Customers can now use App Control for Business (previously known as Windows Defender Application Control) and its advanced capabilities to safeguard their digital assets from malicious code. With App Control for Business, IT teams can determine what runs in a business environment through Microsoft Intune or other MDMs in the admin console, including setting up Intune as a managed installer.
Config Refresh
Threat actors often launch attacks designed to bypass security measures by altering settings and system configurations. Config Refresh allows settings in the Policy Configuration Service Provider on a Windows 11 device to be reset every 90 minutes by default, or every 30 minutes if preferred. This protects against unexpected changes to configuration settings due to malicious software or registry edits and ensures that your settings remain as configured by IT.
Content Credentials
As part of Microsoft’s commitment to responsible generative AI, they are implementing new Content Credentials. These use cryptographic techniques to embed an invisible digital watermark in all AI-generated images on Bing, including the time and date of original creation. Additionally, these credentials are planned for Paint and Microsoft Designer.
The Monthly Scam
Quishing: Be Aware
Quishing is a type of phishing attack in which a threat actor uses a QR code to manipulate users, typically by redirecting them to a website that either downloads malware or solicits their sensitive information.
A now-common scam involves sticking fraudulent QR codes on parking meters to trick drivers into sharing financial credentials when they try to pay for parking. Users could encounter QR code scams in emails, in text messages, on signage, on direct mail and even in person from criminals posing as utility workers or government employees.
Because of the nature of these attacks, the user will use their own personal mobile device, which typically does not have the same protections in place.
Mitigation 1: Use Defender for Endpoint/Business web filtering.
Block newly registered domains: sites that have been newly registered in the past 30 days and have not yet been moved to another category.
Mitigation 2: Go passwordless. A user cannot disclose something they do not know.