Microsoft has announced a new Windows Resiliency Initiative as a way to improve security and reliability, as well as ensure that system integrity is not compromised.
The idea, the tech giant said, is to avoid incidents like that of CrowdStrike’s earlier this July, enable more apps and users to be run without admin privileges, add controls surrounding the use of unsafe apps and drivers, and offer options to encrypt personal data.
One of the most important features is Quick Machine Recovery that’s expected to be available to the Windows Insider Program community in early 2025.
“This feature will enable IT administrators to execute targeted fixes from Windows Update on PCs, even when machines are unable to boot, without needing physical access to the PC,” David Weston, vice president of enterprise and OS security at Microsoft, said. “This remote recovery will unblock your employees from broad issues much faster than what has been possible in the past.”
In another noteworthy update, Microsoft said it’s introducing new capabilities that will allow security tools to be run in user mode, just like regular apps, as opposed to relying on kernel access. The feature is set to be made available as a preview in July 2025.
With this change, the intention is to offer a way for easy recovery and reduce impacts at the operating system level in the event of a crash or an error.
Redmond further said it’s working with endpoint security partners to take specific steps to bolster resilience as part of what’s called the Microsoft Virus Initiative (MVI). These include gradual product update rollouts and recovery procedures, leveraging deployment rings, and ensuring that there are little-to-no negative consequences from applying those updates.
Some of the other changes the company is bringing to Windows are below –
The updates are also in line with Microsoft’s Secure Future Initiative (SFI), a multiyear commitment that aims to put security front-and-center when designing new products and counter cyber threats. It was first launched in November 2023.
The development comes as the company said it is expanding its bug bounty program with a new hacking challenge called Zero Day Quest to advance research and security in the areas of cloud and artificial intelligence (AI).
“This event is not just about finding vulnerabilities; it’s about fostering new and deepening existing partnerships between the Microsoft Security Response Center (MSRC), product teams, and external researchers – raising the security bar for all,” Tom Gallagher, vice president of engineering at Microsoft Security Response Center (MSRC), said.
