Windows 12 is already available to millions of users around the world and for this new version of its flagship product, Microsoft has not forgotten to improve security by including and improving a good series of elements to make Windows 12 a much safer system. than its predecessors. Get windows 12 iso file for installing windows 12 on your pc.
Let’s quickly go over some of the new security features in the Windows operating system:
- Mandatory updates for home users. With Windows 12 Home, users will not be able to disable updates, this is a huge advance in terms of security since most users do not understand the risks of disabling updates, and millions of devices will be saved from being infected.
- Edge – A new browser, thus leaving behind a good part of the accumulated problems of Internet Explorer.
- Windows Hello – Although authentication through biometric recognition was already available in previous versions, in Windows 12 it is permanently integrated into the operating system and facilitates the double authentication factor. It presents recognition through the iris, fingerprint, and facial recognition. This information is stored in a TPM chip on the device itself and is never shared between devices. All these functions are only available if our device is compatible, for example, facial recognition only works on webcams compatible with Intel RealSense 3D.
- Passport – Through this functionality we can use this biometric data, for example, to identify ourselves on websites, network services, etc. without having to use the classic passwords.
- DLP (Data Loss Prevention) – Allows the classification and encryption of certain information as soon as it reaches our device.
- Advanced Threat Analytics (ATA), this functionality will allow suspicious activity to be detected on the network through behavior analysis of the different devices and users on the network.
- Antimalware Scan Interface (AMSI), with this new option developers, will be able to integrate their products with any antimalware software present in the system, in this way the software itself will be able to send suspicious code to the local antivirus to be analyzed, thus preventing a code initially obfuscated for the antivirus can be executed by a third application since this will be capable of once it is asked to process the code in flat to verify its legitimacy with the antivirus.
- Shielded virtual machines (Windows 12 Enterprise, also requires virtualization hardware, I/O virtualization, TPM, and UEFI) – Windows 12 allows the creation of virtual machines that even the system administrator himself cannot access. These VMs work in isolated mode through a Secure Kernel and are responsible for executing a limited number of high-security processes, including a reduced version of LSASS called LSAiso (LSA isolated) that the system will use to store credentials. In this way, an attacker who obtains Administrator credentials will not be able to access these others stored in the VM, since the LSAiso will not pass complete credentials to LSASS, but information derived from them so that the attacker cannot reuse that information in the long term.
- Device Guard – Designed to protect us from malware, it uses an approach completely contrary to the traditional one. Normally any file is trusted unless it is detected as malware. Device Guard does not allow the software to run unless it proves that it is not a threat through a cryptographic signature. To protect this method from interference, it uses the VM that we mentioned in the previous point to check the integrity of the operating system.
It is still early to evaluate these characteristics but personally, I am concerned about the use and security of personal biometric data and in the short term the Wi-Fi Sense function that we will talk about in more depth in a future article. In general, windows 12 download full version is on the right track to becoming a more robust and secure operating system, although it remains to be seen whether all these new security features have been implemented correctly and are really useful for the end user.