Microsoft Details New Security Features to Make Windows More Resilient

It’s been almost a year since Microsoft launched the Windows Resiliency Initiative, a comprehensive strategy to improve the security and reliability of Windows. After a massive CrowdStrike outage affected millions of PCs around the world a year ago, the Windows Resiliency Initiative started as a collaborative effort with endpoint security vendors willing to work on a more resilient security model for the Windows ecosystem.

Today, Microsoft is following up with the release of the Windows Resiliency Initiative ebook, which covers strategies for preventing and recovering from digital disruption. The company also announced upcoming updates to improve the resiliency of the Windows platform.

Since last year, Microsoft has also been encouraging security product developers to follow Safe Deployment Practices (SDP) to minimize the negative impact of updates, and this work is still ongoing. Next month, Microsoft will also launch a private preview of the Windows endpoint security platform, which it had previously announced at Ignite last fall. The Windows endpoint security platform will allow Microsoft Virus Initiative (MVI) partners to start building their products outside of kernel mode.

“The new Windows capabilities will allow them to start building their solutions to run outside the Windows kernel,” explained David Weston, CVP, Enterprise and OS Security, Microsoft. “This means security products like anti-virus and endpoint protection solutions can run in user mode just as apps do. This change will help security developers provide a high level of reliability and easier recovery resulting in less impact on Windows devices in the event of unexpected issues.”

Later this summer, the new Windows 11 unexpected restart screen that Microsoft has been testing with Insiders will also come to the version 24H2 of the OS. “The updated UI improves readability and aligns better with Windows 11 design principles, while preserving the technical information on the screen for when it is needed,” Weston said today.

Quick Machine Recovery (QMR), a new recovery mechanism for PCs that cannot restart successfully, will also become available later this summer on Windows 11 version 24H2. The feature will allow IT admins to remotely execute targeted fixes from Windows Update on PCs even when they’re unable to boot.

Microsoft also encourages organizations to save Internet bandwidth when deploying updates by using Microsoft Connected Cache. This solution uses a locally deployed Connected Cache node instead of the cloud to dynamically cache content needed for Windows 11 updates, Windows Autopilot device provisioning, Microsoft Intune application installations, and Windows Autopatch.

Last week, Microsoft also announced Windows 365 Reserve, a standalone Windows 365 offer that will soon be available in preview. It will offer temporary access to a Cloud PC pre-loaded with Microsoft 365 apps, corporate settings, and security policies when the primary devices in an organization become unavailable.