Microsoft expands testing of Windows 11 admin protection feature
Microsoft has expanded its Windows 11 administrator protection tests, allowing Insiders to enable the security feature from the Windows Security settings.
First introduced in October in a preview build for Windows 11 Insiders in the Canary Channel, admin protection uses a hidden, just-in-time elevation mechanism and Windows Hello authentication prompts that only unlock admin rights when needed to block access to critical system resources.
Once enabled, it ensures that logged-in admin users have only standard user permissions and are asked to authenticate via Windows Hello using a PIN or biometric method when installing new apps or trying to change the registry.
These authentication prompts should be more challenging to circumvent than the Window User Account Control (UAC) security feature to prevent malware and attackers from compromising the system by accessing critical resources.
"With administrator protection enabled, the prompt requesting the user's authorization for elevating untrusted and unsigned applications now comes with expanded color-coded regions which will now extend down over the app description," the Windows Insider team said on Thursday.

Admin protection is off by default and must be enabled by IT admins via group policy or mobile device management (MDM) tools like Intune and, as the Windows Insider team shared today, by users via Windows Security settings.
"Administrator protection can now be enabled from Windows Security settings under the Account Protection tab. This allows users to enable this feature without requiring help from IT admins," the Windows Insider team added.
"It also allows Windows home users to enable Administrator protection via Windows Security settings. Changing this setting requires a Windows reboot."
This new security feature is currently available to Insiders in the Canary Channel who have installed Windows 11 Insider Preview Build 27774.

In recent months, Redmond has also announced that it will roll out a new "Quick Machine Recovery" feature to the Windows 11 Insider Program community in early 2025, which will help system admins remotely fix devices rendered unbootable via Windows Update "targeted fixes."
Additionally, the company plans to add Windows 11 support for Config Refresh, another new feature allowing admins to restore PC settings to preset configurations, and Zero Trust DNS (designed to redirect all DNS queries through trusted DNS servers).
Since November, it has also started testing hotpatching on Windows 365 and Windows 11 Enterprise 24H2 client devices, which enables Windows to download security updates and install them in the background without rebooting.
Some of these features have been introduced since the launch of Microsoft's Secure Future Initiative (SFI) cybersecurity engineering effort in November 2023.
CVE-2025-22224 VMware ESXi and Workstation TOCTOU Race Condition Vulnerability
CVE-2020-29574 CyberoamOS (CROS) SQL Injection Vulnerability
CVE-2025-2783 Google Chromium Mojo Sandbox Escape Vulnerability
CVE-2022-43939 Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability
CVE-2024-49035 Microsoft Partner Center Improper Access Control Vulnerability
CVE-2022-43769 Hitachi Vantara Pentaho BA Server Special Element Injection Vulnerability
CVE-2024-40890 Zyxel DSL CPE OS Command Injection Vulnerability
CVE-2025-24983 Microsoft Windows Win32k Use-After-Free Vulnerability
CVE-2017-0148 Microsoft SMBv1 Server Remote Code Execution Vulnerability
CVE-2024-20953 Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability
InformationalInformation Disclosure - Suspicious Comments
InformationalRe-examine Cache-control Directives
CWE-9 J2EE Misconfiguration: Weak Access Permissions for EJB Methods
CWE-163 Improper Neutralization of Multiple Trailing Special Elements
CWE-1324 DEPRECATED: Sensitive Information Accessible by Physical Probing of JTAG Interface
CWE-1049 Excessive Data Query Operations in a Large Data Table
CWE-1286 Improper Validation of Syntactic Correctness of Input
Free online web security scanner