Editor's take: Since the introduction of Windows Vista, Microsoft has attempted to enforce a new approach to software access rights on its often-resistant users. Now, the Redmond-based company appears to be trying again – this time in the name of AI agents and a more smartphone-like user experience.
Microsoft recently announced a potentially major change in how Windows handles applications and software. The update comes with a new security model for the operating system. According to Microsoft Distinguished Engineer Logan Iyer, the change is expected to significantly improve security and trust across the Windows ecosystem.
Iyer highlighted that Windows 11 is now installed on over one billion devices, supporting "millions" of apps across business, education, productivity, and gaming workloads. The OS has long been an open and compatible ecosystem, and that core approach will remain unchanged for the foreseeable future. However, some aspects of Windows are set to evolve, impacting both users and developers.
Microsoft is developing a new Baseline Security Mode, which enables specific runtime integrity safeguards by default. In simple terms, new Windows 11 installations will only run apps, programs, services, and drivers that are properly signed. Iyer emphasized that users and IT administrators will always have the ability to override this restriction, allowing selected unsigned applications to run if they choose.
In addition, Windows will adopt smartphone-like app permissions through a new User Transparency and Consent feature. The operating system will alert users whenever an app requests access to sensitive system resources, such as files, the camera, or the microphone. Users will then have to decide how to respond to the prompt, granting or denying access on a per-app basis.
These prompts are designed to be clear and "actionable," Iyer said. Users will also be able to modify previously granted or denied app access at any time. Microsoft emphasizes that User Transparency and Consent will provide high levels of visibility, offering a clearer view of what apps and AI agents are actually doing on the system.
Redmond developers plan to implement BSM and UTC according to three guiding principles: the new features must provide system-enforced transparency to increase visibility into app behavior, request consent clearly through user-centric prompts, and ensure that Windows can continue running pre-existing, well-behaved applications while the new standard is rolled out.
Microsoft has attempted similar prompt-based runtime models in the past. Windows Vista introduced User Account Control, a widely criticized feature that made the operating system frustrating for many users. UAC has improved significantly on both Windows 10 and Windows 11, though many power users disable the prompt from the start.