As part of its recent campaign to make Windows the preferred platform for “hybrid work”, Microsoft is introducing a new security feature. It’s called Smart App Control and it’s like the Windows Defender smartscreen on steroids. The purpose of this new feature is to prevent users from unknowingly installing malicious apps. While this is certainly a noble goal, there is only one problem: you need a clean installation of Windows to run it. While hardcore among us used to boast of regular booking and reinstalling Windows to maintain peak performance, this is no longer the case. Now we are proud of how long we will go Except Windows needs to be reinstalled. Because it’s a hassle to reinstall all our apps and programs that we’ve spent years tweaking. Also with SSDs, Windows usually runs quite fast, even after years of uptime.
A new security feature has been introduced in a recent Windows Inside build of Windows 11, and the company described it in a recent blog post. According to Microsoft, “Smart app control goes beyond the protection of previous built-in browsers and is woven directly into the core of the OS at the process level. Using code signing with AI, our new Smart App Control only allows processes that are predicted to be secure based on an AI model for code trust or application trust in Microsoft Cloud. ” It processes an incredible 24 trillion “security signals” per hour. It will use this data to predict which apps are harmful
The downside is that if you enable it on a system with pre-installed apps, you won’t be able to test them before it’s installed. The company doesn’t say why it can’t test apps already installed, such as virus scanners. Microsoft only said, “Smart app control will be sent to new devices installed on Windows 11. Devices running earlier versions of Windows 11 need to be reset, and Windows 11 must have a clean installation to take advantage of this feature. “
According to a summary of Ghacks.net, you can enable it after a clean install but it goes into evaluation mode. It tests your PC usage to determine if it should be enabled in this mode. It will not block anything in this mode because it is only checking the situation. At the end of this trial period, the software will either automatically turn on or off. Alternatively, administrators can enable or disable it. However, if you turn it on and disable it later, you’ll need to do a clean install of Windows again.
Here’s just rubbing it in with turning and doing its thing; It does not seem to have any solution to block an application. Smart app control will flag and block applications based on three criteria: known malicious applications, unreliable applications, and potentially malicious software. To determine whether an app is trusted, Microsoft relies on signed software and usage. An unsigned app that the cloud cannot recognize will be blocked. This can be a problem because an app is unreliable but still secure. You may have an obscure app that you’ve been running for 10 years that Microsoft won’t like, for example. This will block the installation of these apps and there is no way to add them to the “white list”. This can be a problem for many users for obvious reasons. (Legitimate applications for a relatively small number of users may encounter this problem. Many of the benchmarks and less-common applications I’ve used over the years run the gamut of smartscreens. -Ed)
Hopefully Microsoft has come up with a way to enable this without a clean installation. At the very least, the company may allow certain types of exclusion lists for certain apps. Apple even lets you override its security tips by typing in your password and clicking several buttons. It is possible that Microsoft will reconsider this, as its blog post notes that it is still in its infancy. In his blog post highlighting the new security features, he concludes, “More details of this feature will be shared in the future.”