Windows Central
Sean Endicott

Can't boot your Windows 11 PC? This new feature can fix your system remotely, helping prevent another CrowdStrike BSOD disaster.

Kevin Addley, VP Marketing & Growth at Future, photographs a BSOD at JFK airport.

What you need to know

  • Microsoft announced several security features at Ignite 2024.
  • The tech giant introduced the Windows Resiliency Initiative during the conference, which focuses on strengthening security through enhanced admin privilege controls, improved identity protection, and learning from recent incidents, such as the CrowdStrike disaster that occurred this past July.
  • Quick Machine Recovery, one of the key features announced, allows IT admins to execute targeted fixes from Windows Update remotely even if a PC is unable to boot.

Windows has been around in some format for almost four decades and has become ubiquitous in professional environments. With billions of PCs running Windows, systems running the operating system are often the target of attacks. Microsoft invests a massive amount of time and money to help secure systems and provide tools that IT admins can utilize to protect data and devices. During Microsoft's Ignite 2024 conference, the tech giant outlined its efforts to secure Windows 11, explained why systems should be upgraded to the latest version of Windows, and shared details about new security features that are on the way.

The online portion of Microsoft Ignite 2024 runs from November 19 to November 21, so there will be a lot of discussion about Windows, security, and new features that are on the way. However, Microsoft shared summaries and details about the most important updates that will be discussed at the conference.

Quick machine recovery

The headline security feature announced at Ignite 2024 is Quick Machine Recovery. The feature allows IT admins to execute targeted fixes from Windows Update remotely, even if a PC is unable to boot. Remote access is the key, as it reduces the time required to fix bricked PCs.

Many of the new security features announced and highlighted at Ignite 2024, including Quick Machine Recovery, stem from lessons learned from the CrowdStrike incident this past July. Earlier this year, an issue caused one of the largest outages in history, affecting airlines, TV broadcasters, retail spaces, 911 operators, and several other industries. The IT outage was considered catastrophic. Because the Blue Screen of Death (BSOD) appeared on systems, Microsoft received a massive amount of criticism following the incident, even though the issues were not Microsoft's fault, at least directly. Security features such as Quick Machine Recovery should help resolve similar issues in the future, though I'm sure Microsoft would prefer to never see another CrowdStrike-level event.

Quick Machine Recovery will enter testing among Windows Insiders in early 2025.

Admin privileges

Windows Hello authentication is required for the new Administrator protection feature, which allows users to gain temporary access to the ability to perform tasks that usually require administrator privileges. (Image credit: Future)

Microsoft discussed "longstanding challenges with Windows security" at Ignite 2024. One of the ongoing issues is overprivileged users and applications being able to harm systems. One reason administrator privileges are an issue is that organizations have two options: give a user administrator privileges or make them a standard user. This hard split lacks the nuance that's needed in many workflows.

Limiting administrator privileges is a wise policy since those with admin rights can make registry changes and install applications. However, PCs also require administrator privileges to adjust a time zone. If made a standard user, a person may need to create a ticket for an IT admin to do a basic task like changing a time zone. Microsoft is working to find a balance and is testing a solution to this issue.

A new feature called Administrator protection, which is currently in preview, allows standard users to gain temporary access to elevated privileges after secure sign-in. After using Windows Hello to verify identity, Windows will create a temporary isolated admin token to do a specific job, such as installing a needed application. That token is then destroyed after the task is completed, so the user is dropped back down to standard privileges.

Administrator protection is designed so that attackers cannot retain administrator privileges even if they have access to a system, since the feature requires Windows Hello authentication and the tokens it creates are temporary.

Windows 11 vs Windows 10

TPM 2.0 is both a reason that Windows 11 is more secure than Windows 10 and one of the main reasons many systems are unable to upgrade to Windows 11. (Image credit: Future)

Microsoft's emphasis on Windows 11 being more secure than Windows 10 persists when looking through materials from Ignite 2024. I suspect that Microsoft is eager to find ways to convince people to upgrade to Windows 11 before Windows 10 reaches end of support in October 2025.

Millions of PC users have been reluctant to upgrade systems to Windows 11 or are unable to upgrade their devices to Windows 11 due to minimum hardware requirements. Ironically, one of the features Microsoft highlighted during Ignite 2024, TPM 2.0, is a major reason so many PCs cannot upgrade to Windows 11.

Microsoft highlighted new and existing features that improve security on Windows 11 PCs, including Credential Guard, Local Security Authority protection, and BitLocker being enabled by default on many modern devices. The company also removed insecure code when making Windows 11.

According to Microsoft, reported security incidents have dropped by 62%, and firmware attacks have been reduced threefold due to the security efforts of the tech giant.

I don't doubt that Windows 11 is more secure than Windows 10. Microsoft has clearly put in the effort to improve security and set minimum hardware requirements that are in line with its vision for securing devices. Still, I predict that Microsoft will discover that many people will run unsupported devices due to being unable to afford a new PC or being unwilling to switch away from an otherwise usable device.

