Microsoft is implementing an application access permission scheme in Windows 11 similar to that of Android and iOS to enhance security.

Microsoft Introduces New Permission Requests in Windows 11

Microsoft is set to change the way it handles private resources (files, camera, microphone) in its operating system. The new model will require apps to obtain explicit user consent before they can access such data. This decision was made in response to frequent cases where programs override security settings, install unwanted software, or even alter core Windows parameters without the owner's knowledge.

What Will Change
Area Added Basic Security Mode By default, Integrity Control is enabled. Only properly signed applications, services, and drivers will run. Users and administrators can disable this protection for specific programs if needed. Transparency and User Consent Every time a request is made to access confidential resources, a dialog will appear with the option to change the choice at any moment. Like on mobile phones, users will see a list of apps that have access and can revoke permissions as they wish.

Why It Is Needed
Logan Ayer (Windows Platform Engineer) noted that the new measures are necessary to prevent automatic changes to OS settings without user consent. This is especially important for protecting the billions of devices running Windows 11.

Step‑by‑Step Rollout
Microsoft plans to introduce changes gradually, working closely with app developers, corporate clients, and ecosystem partners. User feedback will be used to fine‑tune features and access controls.

Connection to the “Secure Future” Initiative
In November 2023, Microsoft announced the “Secure Future” program after a cybersecurity advisory from the U.S. Department of Homeland Security’s Cybersecurity Advisory Board described the company’s security culture as “inadequate.” The assessment coincided with a major Exchange Online breach by the Chinese group Storm‑0558 in May 2023.

As part of this initiative, the company has already taken several steps:

* Protection of logins against script injection attacks;
* Complete deactivation of ActiveX controls in Windows applications for Microsoft 365 and Office 2024;
* Updating default security settings to block access to SharePoint, OneDrive, and Office via outdated authentication protocols.

What This Means for Users
As Ayer noted, the new updates will provide a higher level of transparency for both regular users and IT administrators. They will now have better visibility into how apps and AI agents interact with the system, as well as greater control over what data can be used. This will enhance overall security and confidence in protecting personal data and confidential information on Windows devices.