Microsoft is enhancing security on Windows 11 by expanding its administrator protection tests.

Insiders in the Canary Channel can now enable this feature directly from the Windows Security settings, offering an additional layer of defense against unauthorized access to critical system resources.

First introduced in October 2023, admin protection uses a hidden, just-in-time elevation mechanism alongside Windows Hello authentication. This ensures logged-in admin users operate with standard user permissions by default. When installing applications or modifying system settings like the registry, users must authenticate using a PIN or biometrics. These prompts are designed to be harder to bypass compared to the traditional User Account Control (UAC).

Buy Me a Coffee

According to the Windows Insider team, authentication prompts now feature expanded color-coded regions, making it easier for users to identify untrusted or unsigned applications. Admin protection is disabled by default but can be activated by IT admins using group policy, mobile device management (MDM) tools like Intune, or directly by users under the Account Protection tab in Windows Security settings. Enabling this feature requires a system reboot.

Future Security Enhancements

Microsoft has also outlined additional features planned for Windows 11:

  • Quick Machine Recovery: Rolling out in early 2025, this feature will allow system admins to remotely fix devices rendered unbootable due to Windows Update issues.
  • Config Refresh: A tool enabling admins to restore PCs to preset configurations, simplifying device management.
  • Zero Trust DNS: Redirects all DNS queries through trusted servers to enhance network security.
  • Hotpatching: Already being tested on Windows 365 and Windows 11 Enterprise 24H2 devices, this feature allows security updates to be installed in the background without requiring a reboot.

These updates are part of Microsoft’s Secure Future Initiative (SFI), launched in late 2023 to improve cybersecurity measures across its ecosystem. Admin protection is currently available to Insiders running Windows 11 Insider Preview Build 27774, marking another step in Microsoft’s commitment to fortifying Windows security.