Microsoft is introducing a new security feature for Windows 11 designed to stop risky software before it can embed itself deep inside the operating system. Called Windows Baseline Security Mode, the feature focuses on blocking unsigned apps, services, and drivers by default, particularly the kind that operate quietly in the background.
The new security feature will make it harder for malicious or unwanted software to slip into low-level parts of Windows where it can persist across reboots and resist removal.
The biggest shift is at the system level. Drivers and background services are powerful entry points, which is why attackers like them. Once installed, they can hook into other apps, survive restarts, and operate largely out of sight.
But with Baseline Security Mode enabled, Windows relies on code signing as a gatekeeper. Signed software runs as expected. Unsigned code can be blocked before it installs or executes. If a trusted app is affected, users or IT administrators can approve an exception for that specific case.
Developers, according to Microsoft, will be able to detect when these protections are active and whether an exception exists, which should make troubleshooting less opaque than past security controls that failed silently.
For enterprises, the changes promise fewer surprises across managed systems, while still allowing administrators to approve legacy or niche software where needed.
For individual users, the trade-off will be occasional friction, particularly around older drivers and specialized peripherals.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
