Administrator Protection is a new security feature that Microsoft announced last fall and has now launched in testing for the Windows 11 Insider channel. The idea is strengthen operating system security Preventing cybercriminals and malware from compromising computers by accessing critical resources in management accounts.
This feature was disabled by default and needed to be enabled by IT administrators through group policy or mobile device management (MDM) tools like Intune. With the move to the Insiders channel and to facilitate its use, Microsoft has implemented its enablement by any client from the Configuration section:
«Administrator Protection can now be enabled from Windows security settings in the account protection tab. This allows users to enable this feature without needing help from IT administrators«comment from the Windows Insider team. The feature can be enabled by both business customers and home users.
Administrator Protection: more security for Windows
It is known that the security of enterprise resources depends on the integrity of privileged accounts that manage IT systems. And the use of Credential theft attacks targeting administrator accounts and other privileged access to try to access confidential data, is the order of the day and has been facilitated by the possibilities offered by AI.
The function at hand is therefore welcome. Technically, it uses a hidden elevation mechanism and Windows Hello authentication prompts that only unlocks administrator rights when strictly necessary access to critical system resources.
Once enabled, it ensures that logged-in admin users only have standard user permissions and are required to authenticate through Windows Hello using a PIN or biometric method if they want to install new apps or attempt to change the registration.
These authentication prompts should be harder to bypass than the Windows User Account Control (UAC) security feature. “With administrator protection enabled, the message requesting user authorization to elevate untrusted and unsigned apps now arrives with color-coded parts, which will now extend downwards over the app’s description.”they explain.
The objective is the well-known: Prevent malware and attackers from compromising computers by accessing critical resourcessomething allowed in administration accounts and exploited by cybercriminals.
