Event banner
Event details
63 Comments
- Will the on-demand Process Elevation feature be backported to Windows 10, or be available in Windows 11 only? Will this be limited to the Enterprise SKU?
- If Pluton and Secured-core defeats side-channel attacks, will all OEMs be supporting it?
I would like to learn more about how and where windows store the password for this feature. is it in Pluton?
Also how does it work with password management tools and using the clipboard to paste passwords. 
- The Microsoft Store was more than a collection of applications. Requiring apps to be packaged as MSIX and APPX made even traditional/non-UWP applications safer, as well as easier to deploy and maintain. I feel like allowing MSI and EXE installers into the Store was a move away from years of effort to improve security/privacy/reliability/manageability. Would you please speak to this concern?
- It was my understanding that the Universal Windows Platform (UWP) was Microsoft's security/privacy/reliability/maintainability focused API layer between an application and the operating system. Which also added OS level features; app permissions, live tiles, notification toasts, history cards, sharing options, etc. Essentially, Microsoft backing into the same position Android has had since its beginning and iOS adopted before supporting 3rd party applications. Is UWP, or a similar boundary, still a focus of Windows 11?
- Will Windows 10 get the newly announced security features for Windows 11, such as Smart App Control, Personal Data Encryption, etc.?
Welcome to the Windows Security AMA. Let's get started! Post your questions in the Comments. David Weston and crew will be answering questions in the live stream—and others will be answering here in the chat.
- Regarding Remote Credential Guard, will there be an official supported way to use supplied credentials with RCG?
- For Personal Data Encryption that’s tied to the user’s Hello, are there provisions for enabling admin staff to access the data?
- Could a SMM isolation policy prevent a rootkit on SMM from modifying WinLogon.exe's process memory? What about MSEdge.exe's process memory? Only kernel memory? I found a rootkit that breaches from firmware to Windows memory space and uses memory injection on WinLogon.exe to do things like force a shutdown and steal files. It can also breach Chromium based browsers for more nefarious deception to the user about visited pages. If not by SMM policy, what other way does the new security measures of Windows 11 can neutralize a threat like that?
- Carlos_Mayol
Microsoft
Those who want to know more about what SMM is: you can read more about SMM and System Guard Secure Launch here: https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection
