Microsoft Announces Windows Baseline Security Mode and User Transparency and Consent

Microsoft today announced two initiatives that it says will help restore user trust in Windows. Both use a “consent-first” approach while making “app and AI agent behavior transparent, decisions reversible, and access limited to clear approved capabilities.”

“Windows must both remain an open platform and be secure by default, protecting the integrity of your experience regardless of the apps installed,” Microsoft distinguished engineer Logan Iyer writes. “Our developers and ecosystem partners echo this need. They have called for stronger, more consistent security foundations in the operating system, [so] Windows is evolving to take more accountability.”

The two initiatives, Windows Baseline Security Mode and User Transparency and Consent, both fall under the Secure Future Initiative and Windows Resiliency Initiative. Together, they establish a more robust security model that advances app transparency and user consent, with features that make app behavior more visible and app permissions easier to understand and manage.

Windows Baseline Security Mode will enable runtime integrity safeguards by default so that only properly signed apps, services, and drivers are allowed to run, helping protect the system from tampering and unauthorized changes. Users and IT administrators will be able to override these safeguards for specific apps when required. And developers will be able to determine whether these protections are active and whether any exceptions have been granted.

User Transparency and Consent will force Windows 11 to prompt you when apps try to access sensitive resources like files, the PC’s camera, or a microphone, and when they attempt to install other unintended software. Microsoft says that these prompts will be clear and actionable, and that you will always have the ability to review and change your choices later. This initiative will also bring higher transparency standards to apps and AI agents, so users and IT administrators will have better visibility into their behaviors. “These updates raise the bar for security and privacy on Windows, while giving you more control and confidence in how your system and data are accessed,” Iyer claims.

These two initiatives will be rolled out in Windows 11 through “a phased approach” in partnership with developers, enterprises, and ecosystem partners. Microsoft will reveal more details about them and the timeframe in “upcoming blogs and dedicated feedback channels,” but my guess is that we’re looking at a Windows 11 version 26H2 deliverable here. Or perhaps even a Windows 12, given that Microsoft never names Windows 11 directly regarding these initiatives. Either way, I assume we’ll see the first real-world impact of Windows Baseline Security Mode and User Transparency and Consent in the Windows Insider Program by mid-year.