Windows 11 Smart App Control to Require Clean Install of Windows

Windows 11 Smart App Control to Require Clean Install of Windows

As part of its recent campaign to make Windows the platform of choice for “hybrid work,” Microsoft is rolling out a new security feature. It’s called Smart App Control and it’s kind of like Windows Defender SmartScreen on steroids. This new feature aims to prevent malicious apps from being installed by unwitting users. While that’s certainly a noble goal, there’s just one problem: in order to run it you’ll have to perform a clean installation of Windows. Though the hardcore among us used to boast about regularly nuking and reinstalling Windows to maintain peak performance, that’s no longer the case. Now we boast about how long we go without having to reinstall Windows. That’s because it’s a pain reinstalling all our apps and programs we spent years tweaking. Also with SSDs, Windows usually runs quite fast, even after years of uptime.

The new security feature appeared in a recent Windows Inside build of Windows 11, and the company has described it in a recent blog post. According to Microsoft, “Smart App Control goes beyond previous built-in browser protections and is woven directly into the core of the OS at the process level. Using code signing along with AI, our new Smart App Control only allows processes to run that are predicted to be safe based on either code certificates or an AI model for application trust within the Microsoft cloud.” The company says its cloud processes an incredible 24 trillion “security signals” every 24 hours. It’s this data that it will use to predict which apps are malicious.

Windows 11 Smart App Control to Require Clean Install of Windows

The rub is if you enable it on a system with pre-installed apps, it won’t be able to examine them prior to them being installed. The company doesn’t say why it can’t examine already installed apps, like a virus scanner of sorts. Microsoft only states, “Smart App Control will ship on new devices with Windows 11 installed. Devices running previous versions of Windows 11 will have to be reset and have a clean installation of Windows 11 to take advantage of this feature.”

According to a summary of it by Ghacks.net, after a clean install you can enable it but it runs in evaluation mode. In this mode it examines your PC usage to determine if it should be enabled or not. It won’t block anything in this mode as it’s merely examining the situation. After this trial period is over, the software will either turn itself on or off. Alternatively, admins can choose to enable it or not. However, if you turn it on and then disable it later, you’ll need to do a clean install of Windows again.

Windows 11 Smart App Control to Require Clean Install of Windows

Here’s the rub with just turning it on and letting it do its thing; there doesn’t appear to be any workaround for it blocking an application. Smart App Control will flag and block applications based on three criteria: known malicious applications, untrusted apps, and potentially bad software. In order to determine if an app is trusted or not, Microsoft relies on signed software and usage. Unsigned apps that its cloud doesn’t recognize will be blocked. This could be a problem since an app can be untrusted but still safe. You might have an obscure app you’ve run for 10 years that Microsoft won’t like, for example. It will block the installation of these apps, and there’s no way to add them to a “white list.” That could be a problem for a lot of users for obvious reasons. (Legitimate applications with a relatively small number of users are likely to run into this problem. Many benchmarks and less-common applications I’ve used over the years have run afoul of SmartScreen -Ed)

Hopefully Microsoft figures out a way to either enable it without a clean installation. At the very least, the company could allow some kind of exclusion list for certain apps. Even Apple allows you to override its security suggestions by typing your password and clicking several buttons. It’s possible Microsoft will rethink this, as its blog post notes it’s still in its early stages. In its blog post highlighting the new security features, it concludes with, “More details on this feature will be shared in the future.”

Continue reading

This Giant Claw Could Soon Clean Up Space Junk
This Giant Claw Could Soon Clean Up Space Junk

Cleaning up space to prevent collisons is a tall order, but the ESA has just funded a giant space claw that could show the way forward.

Tesla Ordered to Recall 150K+ Vehicles to Repair Memory Failures
Tesla Ordered to Recall 150K+ Vehicles to Repair Memory Failures

Tesla has been asked — or "asked" — to recall some 159,000 vehicles to repair a NAND memory issue that will eventually cause failures on every affected vehicle.

Tesla Will Recall 134,000+ Vehicles Affected by Inevitable eMMC Failure
Tesla Will Recall 134,000+ Vehicles Affected by Inevitable eMMC Failure

Tesla will recall Model S and Model Y vehicles manufactured over specific model years in order to repair an inevitable system failure.

GM Cuts Pickup MPG to Ship Vehicles During Semiconductor Shortage
GM Cuts Pickup MPG to Ship Vehicles During Semiconductor Shortage

GM has announced a unique way of dealing with the ongoing semiconductor shortage. It's going to drop a chip, cut gas mileage, and ship certain pickups anyway.