Microsoft has expanded its testing of the Windows 11 admin protection feature, allowing Insiders to enable it from the Windows Security settings. The feature, introduced in October, uses a hidden elevation mechanism and Windows Hello authentication to block access to critical system resources when needed.
Admin protection ensures that logged-in admin users have standard user permissions and are asked to authenticate via Windows Hello using a PIN or biometric method before installing new apps or changing the registry. This makes it more challenging for malware and attackers to compromise the system.
The feature is currently available to Insiders in the Canary Channel who have installed Windows 11 Insider Preview Build 27774. It can be enabled from Windows Security settings, allowing users to do so without requiring IT admin help. However, enabling this setting requires a Windows reboot.
This new security feature is part of Microsoft’s Secure Future Initiative (SFI) cybersecurity engineering effort, which has introduced several other features since November 2023, including hotpatching on Windows 365 and Windows 11 Enterprise 24H2 client devices.
Source: https://www.bleepingcomputer.com/news/security/microsoft-expands-testing-of-windows-11-admin-protection-feature