Microsoft is working on a new feature that promises to increase security on Window 11, but will require a complete reset to enable it on existing devices.
Smart App Control is designed to help protect Windows computers from malicious applications. The feature blocks untrusted and unsigned applications. Unlike some features, which are implemented at a higher level, Smart App Control is part of the core OS, operating at the process level. The feature also uses AI in an effort to increase protection.
Smart App Control goes beyond previous built-in browser protections and is woven directly into the core of the OS at the process level. Using code signing along with AI, our new Smart App Control only allows processes to run that are predicted to be safe based on either code certificates or an AI model for application trust within the Microsoft cloud. Model inference occurs 24 hours a day on the latest threat intelligence that provides trillions of signals. When a new application is run on Windows 11, its core signing and core features are checked against this model, ensuring only known safe applications are allowed to run.
Unfortunately, while new devices will eventually ship with the feature enabled, existing devices will require a reset to activate it.
Smart App Control will ship on new devices with Windows 11 installed. Devices running previous versions of Windows 11 will have to be reset and have a clean installation of Windows 11 to take advantage of this feature.
The feature sounds similar to Apple’s System Integrity Protection (SIP), a feature that is alternately praised and maligned for helping protect Macs while also making them less convenient to use on a daily basis. Either way, it’s unfortunate the feature will require a reset to activate on existing devices.