Skip to main content
Microsoft Ignite
November 18, 2025

Preparing for what’s next: Windows security and resiliency innovations help organizations mitigate risks, recover faster and prepare for the era of AI

By

Today, we introduced agentic platform and cloud-powered flexibility capabilities into Windows that bring together human creativity and intelligent agents.

To fully embrace these agentic capabilities, trust is essential. That’s why Windows is built with privacy, security and enterprise-grade controls that help keep you informed, in control and protected. Windows 11 is more secure by design and by default with each release and update, aligning with Microsoft’s Secure Future Initiative’s core principles.

We also recognize that resilience is the cornerstone of a future-ready enterprise. Windows is committed not only to delivering powerful tools for customers, but also to strengthening resiliency across the Windows ecosystem.

In this blog, we’ll share some updates on Windows security and resiliency, including the latest announcements about securing agentic interactions on Windows, recent security innovations and our progress with the Windows Resiliency Initiative.

Securing agentic interactions on Windows

Security is our top priority as we expand Model Context Protocol (MCP)-powered capabilities and agentic workflows on Windows. At Microsoft Build 2025, we outlined the principles guiding how we secure MCP on Windows, and last month we expanded on this by sharing our four core principles that guide our approach to securing agent workflows on Windows:

  • Distinct agent accounts, separate from user accounts, enabling agent-specific policies and clear boundaries for access, permissions and accountability.
  • Limited agentic privileges so that agents have minimal permissions and only gain access to resources you explicitly grant.
  • Operational trust agents must be signed by trusted sources and signing can be revoked and blocked if needed.
  • Privacy-preserving design in Windows that helps agents adhere to Microsoft’s Privacy Statement and Responsible AI Standard, collecting and processing data only for clearly defined purposes.

Today’s agentic security announcements help honor these commitments:

Agent workspace is a separate and contained, policy-controlled, and auditable environment where agents can interact with software much like humans do, and perform tasks on behalf of end users, without disrupting a user’s primary session.  All actions performed within the agent workspace are attributed to a distinct agent identity, separate from users. This helps ensure every task, workflow and change is clearly tracked, making it easy to differentiate between what agents do and what users initiate. End users are in control and can choose to enable the agent workspace. The agent will have access to a limited set of the user’s local known folders—such as Documents, Downloads, Desktop or Pictures—and other resources that are accessible to all accounts on the system. Standard Windows security mechanisms like access control lists (ACLs) help prevent unauthorized use. Agent workspace is in private preview.

Image showing "how Agents operate" with two drop downs reading "Tools and Agents" and "Computer-use Agent Capabilities."

Windows 365 for Agents extends agentic platform primitives to the cloud as a secured and scalable virtual environment, preserving the same security principles and developer experience. Developers can choose between local and cloud execution without rewriting their agent logic, while IT maintains consistent governance through Microsoft Intune and enterprise policies.

Image of Windows 365 for Agents with four different sections reading "End Users," "Frontier Firms," "Agents" and "Agent Makers."

Agent connectors (in preview)in an on-device registry come with an MCP proxy layer built-in that facilitates consent, governance, auditing and containment enforcement, which end users and commercial customers need. This proxy layer allows the system to secure interactions between applications and MCP servers by applying appropriate policies. For customers using agent connectors and developers building them for their applications, the following two security policies will be available:

  • Default security policy: To help ensure a secure by default starting point, the MCP servers must meet the platform security bar around packaging, identity, provenance, containment and consent. The on-device registry will only expose components that are appropriately packaged and signed, declare required capabilities and enable the platform to execute components with containment mechanisms such as running them as an agent user.
  • Bypass security policy: While in developer mode, developers may choose to relax default security checks for testing purposes to allow MCP servers that do not conform to all the requirements to run on their system.

IT manageability: 

We’re announcing the public preview of new policies that let IT admins manage agent workspace and connector settings—including enabling or disabling features, configuring registry access and choosing between default or more permissive security policies for groups like developer machines—all through familiar tools like Microsoft Intune, Entra and Group Policy. Additionally, IT admins will be able to use familiar account and event log management tools to manage and observe actions performed by agents using agent user accounts.

We’ll continue to learn and gather feedback from customers as they use these capabilities during their preview period and will make adjustments in line with our privacy and security commitments.

For more information on these agentic security announcements, please see: Ignite 2025: Furthering Windows as the premier platform for developers, governed by security

Stronger by default: new Windows security capabilities

Security is a pursuit, and not a destination. We continue to add new capabilities and strengthen the layers of defense to address emerging threats. The Windows team is excited to announce several major advancements in security designed to help keep organizations ahead of evolving threats:

Advancing crypto and data protection

Post Quantum Cryptography (PQC) uses algorithms designed to withstand quantum attacks that could break today’s encryption. With quantum computing on the horizon, early adoption is critical. Post Quantum Crypto (PQC) APIs in Windows are now ready, so organizations can start migrating to quantum-safe encryption and validate their applications and infrastructure.

Hardware-accelerated BitLocker brings faster and more secure disk encryption to Windows by leveraging modern SoC and CPUs. Cryptographic operations are now offloaded from the main processor to dedicated hardware, boosting performance and reducing system overhead. On supported hardware, encryption keys are now hardware-protected by being wrapped and isolated at the silicon level, which helps to minimize exposure to CPU and memory vulnerabilities, and raises the bar for data protection. These enhancements will be available on new devices starting spring 2026, helping organizations safeguard sensitive data with greater speed and confidence.

Protecting credentials

Credential and identity theft remain top cyberattacks, with phishing as a leading threat vector. As announced in October, the refreshed Windows Hello experience delivers faster, more intuitive authentication, and we are enabling passkey managers to integrate with Windows Hello—this integration is available with the November 2025 security update. We have been working with Microsoft Password Manager in Edge, 1Password, Bitwarden and others as they use this new passkey manager support, enabling smooth sign-in with Windows Hello. So now passkey use on Windows is simpler, smoother, more secure than ever and can be synced across devices.

Passkey with Windows Hello pop up as user tries to sign into LinkedIn reading "sign in with passkey" and "Hello Alice Hawkins, Press okay to continue."Trusted apps and drivers

Attacks often start with unsafe or unsigned apps and drivers. App Control for Business helps ensure only verified apps and drivers run on your device—giving IT peace of mind and reducing risk. With Intune’s Managed Installer, allowing line of business apps to run is simplified. Controlling what apps and drivers run on your device helps eliminate attacks from malicious attachments or social engineered malware, so even if you click on that wrong thing, you’re better protected.

Better visibility with Sysmon functionality

We are also pleased to announce that Sysmon functionality will soon be available in Windows. Sysmon functionality in Windows provides easy to activate, rich, customizable threat detection signals valued by enterprise security teams, third party security vendors and other partners. The upcoming release of Sysmon functionality in Windows will help simplify operations, reduce deployment burdens and significantly increase visibility into Windows logs, empowering security teams to identify threats faster and more efficiently.

Connectivity security

Windows is raising the bar for network protection with two major updates. One is Zero Trust DNS, a powerful new capability that enforces zero trust principles by controlling outbound name resolutions through encrypted DNS and approved DNS servers. This helps organizations meet NIST standards and blocks unauthorized access, helping to ensure only trusted DNS traffic is allowed—a key step toward robust zero trust architecture. And Wi-Fi 7 for Enterprise, which mandates WPA3-Enterprise authentication, delivers seamless roaming and brings the performance benefits of next generation wireless to business environments.

Windows Resiliency Initiative brings recovery at scale

One year ago, at Ignite 2024, we introduced the Windows Resiliency Initiative (WRI), a focused set of improvements to help IT departments prevent incidents, manage those that occur and recover quickly.

Most incidents stem from change, and today’s rapid developments in security and AI are accelerating change across products, processes and how people work, raising the bar for IT.

Guided by your engagement and feedback, we’re proud to announce new Windows capabilities that help strengthen resilience across your environment.

Preventing incidents through driver resiliency

We invest continuously in Windows quality through deep validation of all new Windows capabilities and monthly security and quality updates. We also work continuously with our partners in the open and innovative Windows app and driver ecosystem to help ensure great reliability end-to-end.

We’ve recently made significant progress on two investments to help improve reliability in anti-virus drivers. Effective April 1, 2025, Version 3.0 of the Microsoft Virus Initiative added new requirements for all Windows antivirus (AV) partners to maintain signing rights for Windows AV drivers. In June, we released the first private preview of the Windows endpoint security platform, which shifts AV enforcement from the kernel to user mode. Running AV in user mode prevents bugs from taking down Windows, instead impacting only the AV app, while preserving AV functionality and AV partners’ ability to innovate.

We’re now extending the driver resiliency playbook across the Windows ecosystem beyond the AV scenario. In short, we’re raising the bar for driver signing and making it easier to build reliable drivers for Windows.

What’s changing:

  • Driver signing will require a higher security and resiliency bar with many new certification tests.
  • We are expanding Microsoft-provided Windows in-box drivers and APIs so partners can replace many custom kernel drivers with standardized Windows drivers or move logic to user mode.
  • Over the coming years, we expect a significant reduction in code that runs in kernel mode across driver classes such as networking, cameras, USB, printers, batteries, storage and audio.

We will continue to support third-party kernel mode drivers. We will not limit partners from innovating where we don’t have Windows in-box drivers, or from using kernel mode drivers where required to help ensure a great Windows experience and for scenarios without in-box coverage. Graphics drivers, for example, will continue to run in kernel mode for performance reasons.

For kernel-mode drivers, we’re adding practical guardrails that improve quality and contain faults before they become outages. These include new mandatory compiler safeguards to constrain driver behavior, driver isolation to limit blast radius, and DMA-remapping to prevent accidental driver access to kernel memory.

Manage incidents

For high-impact incidents, customers can now engage Windows product team engineers through the Windows component of Mission Critical Services for Microsoft 365. This new offering enables customers to have specific issues investigated by Windows product engineers directly.

To help keep all your employees productive when something happens to their physical PC, we suggest using Windows 365 Reserve, now generally available. It enables employees to stay productive even if their laptop is lost, damaged or compromised, using secured, cost-effective, temporary Cloud PCs. If this occurs, IT can quickly provision a Reserve Cloud PC with all the necessary apps and policies—keeping employees productive and businesses running. The employee can use the Cloud PC from any device IT allows, including personal devices.

Two new incident management abilities are coming soon:

  • Intune will surface when a Windows device has booted into the Windows Recovery Environment (WinRE), helping IT admins quickly spot machines that can’t boot into Windows and to prioritize recovery. In Azure Portal the same signals will appear for Windows Server VMs that have switched to WinRE, enabling rapid triage and remediation at scale.
  • Digital Signage mode. This new Windows mode is perfect for machines which drive non-interactive public displays, whether that be a restaurant menu or an airport flight display. Once enabled, it helps ensure no Windows screens or error dialogs will show on your public displays. For Windows screens and errors messages needed for diagnostics and recovery, Windows will only show the screen or error for 15 seconds and then turn off the screen while waiting for keyboard or mouse input to reactivate. It is simple to enable through the Windows Settings app or a registry key. This mode does not replace Kiosk mode. Kiosk mode remains the right solution for interactive kiosks.

Recover

We’re reinventing Windows recovery, modernizing tools first built two decades ago. With Intune endpoint management, SSDs replacing slow HDDs and widespread cloud data protection via OneDrive, recovery tools become simpler, faster and more effective at scale.

Illustration of a computer interacting with Intune Remote Recovery which in turn is connected to a syringe labelled quick machine recovery, a clock labelled point-in-time restore and a tower labelled loud rebuild.

We released Quick Machine Recovery (QMR) in August. When a widespread issue prevents Windows PCs from booting into Windows, and instead fall back to WinRE, Microsoft can push a QMR update to restore functionality. We’ll soon add two new capabilities to make QMR easier to use in enterprise environments:

  • WinRE networking. WinRE will read networking configuration from full Windows, so networking for WinRE does not need to be configured separately. Supporting ethernet today, it will soon also support Enterprise Wi-Fi with WPA 2/3 enterprise with device certificates.
  • Autopatch QMR management. In preview now, Autopatch adds management and approval of QMR updates, alongside all the other types of Windows updates it already automates.

QMR is a great solution for incidents with broad impact. We’re also investing in tools for smaller, isolated incidents—down to a single device. Intune remote recovery via WinRE will let IT admins see in the Intune console when a managed PC has entered recovery. From there, Intune will be able to push custom recovery scripts and trigger other remediation actions. This is built on a WinRE plug-in model that third party endpoint management solutions can adopt as well. Beyond PCs, the Azure Portal will soon enable recovery control for Windows Server VMs.

Two new Windows recovery actions which Intune will soon be able to trigger on a PC are:

  • Point-in-time restore, which will rollback a PC to the exact state it was in an earlier point in time. This recovery action helps resolve a wide range of issues, including problems with updates, driver conflicts and configuration errors. Point-in-time restore will be available in preview in the Windows Insider build of Windows 11 this week.
  • Cloud rebuild: When a device’s erratic behavior can’t be solved in an easier way, Cloud rebuild offers a clean slate without shipping hardware or visiting a service desk. Through the Intune portal, admins will be able to select the desired Windows release and language, triggering the PC to download installation media and rebuild itself. The process leverages Autopilot for zero-touch provisioning, ensuring MDM enrollment and policy compliance post-rebuild. User data and settings restoration is streamlined via OneDrive and Windows Backup for Organizations. This approach will reduce downtime from hours—or days—to a fraction of that time.

Learn more

The latest Windows security and resiliency announcements demonstrate our commitment to helping customers stay secure in a rapidly changing landscape. We look forward to delivering these innovations and supporting organizations as they build a resilient, future-ready security posture.

To learn more about Windows 11 security features, visit the Windows 11 Security eBook.

For more on the Windows Resiliency Initiative, visit the Windows Resiliency Initiative page and this Technical IT Pro blog for details about recovery tools.