The blue screen of death played a starring role in 2024 thanks to its appearance across the world during the Crowdstrike outage.
Now Microsoft has given IT admins a new weapon to fight this old foe after releasing a feature called Quick Machine Recovery.
David Weston, Vice President of Enterprise and OS Security, introduced the tool in a blog which said it was "born out of the learnings from the July incident".
"Empowering IT administrators with great tools during critical times is a top priority," he wrote. "This feature will enable IT administrators to execute targeted fixes from Windows Update on PCs, even when machines are unable to boot, without needing physical access to the PC.
"This remote recovery will unblock your employees from broad issues much faster than what has been possible in the past."
Quick Machine Recovery will be available to the Windows Insider Program community in early 2025.
Microsoft's Secure Future Initative
The feature one was one of several new tools introduced at Ignite this week as part of Redmond's Secure Future Initiative (SFI).
Since launching the project, Microsoft has "focused the equivalent of 34,000 full-time engineers on the highest-priority security challenges."
Weston promised to "evolve" its partnership with endpoint security partners, who have been on tenterhooks ever since a summit held earlier this year at which Microsoft was widely expected to kick them out of the kernel - a fear that didn't quite come to pass.
"To help our customers and partners increase resilience, we are developing new Windows capabilities that will allow security product developers to build their products outside of kernel mode," Weston continued. "This means security products, like anti-virus solutions, can run in user mode just as apps do.
"This change will help security developers provide a high level of security, easier recovery, and there will be less impact to Windows in the event of a crash or mistake. A private preview will be made available for our security product ecosystem in July 2025."
Microsoft is also "adopting safer programming languages" by "gradually moving functionality from C++ implementation to Rust".
Redmond went on to big up the beefed-up security in Windows 11. All Windows PCs equipped with this OS now "require a hardware-backed security baseline" such as TPM 2.0 and virtualization-based security by default.
"This baseline is the starting point, and the foundation needed to help secure everything else on Windows," Weston said.
This improved security makes Windows 11 "more secure by default than Windows 10, from the chip to the cloud".
Windows 11 comes with Credential Guard, which protect secrets in Hyper-V virtual machines, a vulnerable driver block list, Local Security Authority (LSA) protection enabled by default, and BitLocker also switched on. Insecure code and crypto algorithms have been removed, and kernel attack surfaces, like Tool Tips, have been moved to user mode.
"Our focused security work, driven by observing attacker patterns and behaviors, has resulted in a reported 62% drop in security incidents and a threefold reduction in firmware attacks and 2.9 times fewer instances of identity theft reported," Weston claimed.
Enterprise Windows 11 security additions
Weston announced several features aimed at commercial customers. The first is Administrator Protection, currently in preview, which gives users standard user permissions by default but lets them make system changes and install apps.
Users can securely authorize system changes using Windows Hello, creating a temporary admin token that is destroyed once the task is complete. This ensures admin privileges do not persist, keeping users in control of system resources while disrupting attackers’ access to critical security components.
Windows Hello, the built-in Windows MFA solution, has been "further hardened" and extended to support passkeys.
Smart App Control and App Control for Business to ensure only verified apps run on devices, preventing attacks from malicious attachments and social-engineered malware. These AI-powered policies simplify deployment, allowing IT admins to manage apps efficiently, including custom business apps. Additionally, Windows Protected Print eliminates security risks from print drivers while providing a streamlined printing experience with Mopria-certified devices.
Find the full list of new features on the Microsoft website.
