Microsoft is taking a major step forward in how it protects people who use Windows 11 — the operating system now running on more than a billion devices worldwide — by putting user transparency and consent at the center of security.

For years, Windows has been valued for its openness: anyone can install any app, and developers have wide freedom to build for the platform. But in recent times many users have reported that apps sometimes override their settings, install unwanted software, or make changes to core aspects of Windows without clear notification or permission. Microsoft believes it’s time for a new approach that preserves Windows’ flexibility while giving users greater control and insight into what software does on their devices.

A Shift Toward Consent-First Security

To address this challenge, Microsoft has introduced two new pillars of Windows security:

• Windows Baseline Security Mode: This strengthens the system’s defenses by ensuring that only trusted code — such as properly signed apps, drivers, and services — can run by default. While administrators can still permit exceptions, this baseline helps protect devices from tampering or malicious software.
• User Transparency and Consent: Taking direct inspiration from mobile platforms, Windows will now prompt users when an app tries to access sensitive resources like files, the camera, microphone, or other hardware features. These prompts are designed to be clear and actionable, so people know when and why an app is requesting access — and can deny or revoke permissions later if needed.

These changes mark an important evolution: rather than relying solely on background protection layers, the operating system invites users into the security process, helping them understand how apps behave and giving them real control over access decisions.

Openness, Not Restriction

Microsoft emphasizes that this shift doesn’t mean Windows is becoming closed or restrictive. On the contrary, the company remains committed to preserving the open Windows ecosystem that developers and users expect. The new security model will be rolled out thoughtfully — first giving visibility to users and IT administrators about app behaviors, and then providing developers with tools and APIs to adopt the new model without breaking existing apps. Established apps that already behave well will continue to work.

Developers and ecosystem partners have welcomed the move. Leaders from companies like 1Password, Adobe, and Raycast have echoed support for stronger transparency and user consent, especially as modern workflows increasingly rely on apps, agents, and AI tools that interact deeply with personal data and system resources.

What This Means for Users

For everyday Windows users, the new approach means:

• Clearer prompts when apps want to access sensitive data or device features.
• A dashboard where users can review and revoke permissions they’ve granted.
• Greater visibility into how applications and AI agents behave on their system.
• A stronger default protection posture alongside the flexibility Windows has always offered.

Microsoft will roll out these capabilities in phases, working closely with developers, organizations, and end-users to refine the experience based on feedback. The goal is to build the next generation of Windows, grounded in trust, transparency, and user control — while continuing to support the rich ecosystem that has defined Windows for decades.