Microsoft Announces Security Updates

Microsoft has introduced a handful of new security tools and updates, which the company said adhere to its Secure Future Initiative, a set of three core tenets emphasizing "secure by design, secure by default and secure operations."

Protecting your data and ensuring the integrity of your systems is paramount," wrote David Weston, vice president of Enterprise and OS Security at Microsoft, in an Ignite blog post. "From chip to cloud, Microsoft provides multiple layers of security to help protect identities and data, and enables an expansive ecosystem for innovation at a critical time. As the security landscape evolves, we continuously enhance Windows' security and resilience, ensuring it remains a secure platform for our partners, developers and customers. A strong security posture is essential for your business, and a shared responsibility across our ecosystem."

Security Exposure Management Launch

Microsoft has launched Security Exposure Management, a solution designed to help organizations assess and reduce threat exposure. Now generally available to Microsoft Security customers, the tool offers a unified view of an organization's attack surface by consolidating data across devices, identities, applications and hybrid environments.

The platform automates attack path assessments to critical assets and provides prioritized recommendations to strengthen security. It integrates with tools like Microsoft Defender XDR and Security Copilot, offering a seamless pre- and post-breach SecOps experience.

Key features include Attack Surface Management for asset discovery, Attack Path Analysis for risk assessment, and Unified Exposure Insights to align security initiatives with business goals. The solution supports continuous threat exposure management, enabling organizations to proactively monitor, measure, and remediate cyber risks.

Bolstered Windows 11 Security

Microsoft outlined key changes coming to Windows 11 and a new initiative focused on further protecting Windows 11 users. Called the Windows Resiliency Initative, Microsoft said it will aim to harden Windows 11 through the following four areas:

  • Strengthen reliability based on learnings from the incident we saw in July.
  • Enabling more apps and users to run without admin privileges.
  • Stronger controls for what apps and drivers are allowed to run.
  • Improved identity protection to prevent phishing attacks.

Microsoft has unveiled new Windows 11 security features that fall into the company's new Windows Resiliency Initiative. These updates, now in preview, aim to bolster protection for commercial customers.

  • Administrator Protection addresses the risks of running apps with elevated privileges, a major source of security incidents. Instead of persistent admin access, users can temporarily authorize system changes via Windows Hello, creating a secure, short-lived admin token. This approach prevents malware from exploiting elevated permissions.
  • To combat credential theft, Windows Hello now includes passkey support, offering built-in multifactor authentication that blocks more than 99.99% of attacks, according to Microsoft.
  • New protections against malicious apps include Smart App Control and App Control for Business, which ensure only verified apps and drivers can run, backed by AI-enhanced policy management.
  • Personal Data Encryption provides file-level security for sensitive folders, integrating with Windows Hello and OneDrive to safeguard enterprise data.
  • Hotpatching minimizes system restarts during critical updates, while Config Refresh ensures policy compliance by resetting unauthorized changes.

These enhancements, part of Microsoft's ongoing zero trust strategy, aim to strengthen security without compromising user productivity, said Microsoft. The features are being tested internally and prepared for broader enterprise deployment.

Windows Security Copilot Updates

Microsoft has introduced new advancements to Security Copilot, leveraging generative AI to enhance security across organizations.

The updates bring AI-driven insights directly into Microsoft tools, making security management more efficient. Data security administrators can now access a clearer view of their environments through Microsoft Purview Data Security Posture Management, while identity administrators get AI assistance in the Microsoft Entra admin center to simplify tasks and enforce least-privilege access policies. IT administrators can also take advantage of AI-powered Kusto Query Language (KQL) support for faster troubleshooting and easier patch management.

Microsoft said Security Operations Center (SOC) analysts can benefit from an improved side panel for resolving identity issues and broader insights via the Microsoft Threat Intelligence plugin and new promptbooks simplify workflows, enhancing efficiency.

Security Copilot also integrates with third-party plugins, enabling teams to leverage Microsoft's threat intelligence. A Logic Apps connector allows automation of security tasks enriched by AI.

With enterprise-ready features like audit logs and role-based access control, these updates aim to streamline operations, enhance protection, and scale with organizational needs, the company said.

For more information, read the Microsoft blog post.

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.

Featured

  • The AI Show

    Register for Free to Attend the World's Greatest Show for All Things AI in EDU

    The AI Show @ ASU+GSV, held April 5–7, 2025, at the San Diego Convention Center, is a free event designed to help educators, students, and parents navigate AI's role in education. Featuring hands-on workshops, AI-powered networking, live demos from 125+ EdTech exhibitors, and keynote speakers like Colin Kaepernick and Stevie Van Zandt, the event offers practical insights into AI-driven teaching, learning, and career opportunities. Attendees will gain actionable strategies to integrate AI into classrooms while exploring innovations that promote equity, accessibility, and student success.

  • Geometric illustration of colorful robotic toys with distinct features like heads, arms, wheels, and antennas on a light gradient background

    KinderLab Robotics Expands Curriculum to Serve Upper Elementary Students

    KinderLab Robotics has expanded its STEAM robotics offerings with a new curriculum to develop computational thinking and computer science skills for students in grades 3-5.

  • Stock market graphs and candlesticks breaking apart with glass-like cracks

    Chinese Startup Disrupts AI Market

    A new low-cost artificial intelligence model from China is wreaking havoc in the technology sector, with tech stocks plummeting globally as concerns grow over the potential disruption it could cause.

  • interconnected glowing nodes and circuits in blue and green, forming a neural network on a dark background with a futuristic design

    Tech Giants Launch $100 Billion National AI Infrastructure Project

    OpenAI, SoftBank, and Oracle have announced a new venture, Stargate, through which they aim to build a massive AI infrastructure network across the United States. The initiative, which was announced at the White House with President Donald Trump, has been described as the "largest AI infrastructure project in history."