The control of intelligent apps from Windows 11 at a glance

With Windows 11 in version 22h2, Microsoft also has one as well as further innovations New protective function called Smart App Control Implemented that it works in combination with Windows Defender or any other virus scanner e can block unreliable files. In the following article you will learn what Smart App Control does, how to activate the function and when it is better to do it without it.

1. The crucial point of freedom in Windows

Windows is also estimated by users around the world, since each user can decide which programs they carry out on the system. Compared to iOS, where it is possible to perform only apps tested by the Apple shop, Microsoft has not so far been the only source of reliable programs.

This also makes users' freedom to choose the choice of the programs used and their origin itself, even the largest problem of windows: IT attacks on critical infrastructures such as authorities, hospitals or energy suppliers, but also in the private sector, often returns to the execution of software or harmful attachments. The active protection of the virus can intercept many known threats, but not all of them.

2. The control of intelligent apps performs only reliable files

A scanner virus intervenes only if the requested file is classified as «evil» through signatures or heuristic. Smart App Control (SAC), which has recently been introduced with Windows 11 version 22h2, on the other hand, pursues the approach to only programs and files that are reliable from the Microsoft point of view. Microsoft reaches this classification through different criteria:

• Classified a cloud of Ki, How much the file that has just been made is just made. Artificial intelligence accesses billions of anonymous information.
• If there is still no information on the file, the control of the intelligent app checks if the file is one has the digital signature created with a superior quality certificate. These certificates cost several 100 euros per year and are therefore generally used only by commercial suppliers. Microsoft has described its requirements for the «reliable root program» in more detail in the connection.
• Files with endings like Sys, URL, VB*, VHD*, WSF, WSH, Reg, RDP, PS1, SFC, SCC, BAT, CMD, CMD, CPL, Com, DLL, HTA, ISO, JS, JSE, MSC, MSP, OCX, LNK, PPKG are generally classified as unreliable When they come from the internetBut what can be faced with a trick.

3. So you can turn on or deactivate the control of intelligent apps

The control of intelligent apps is integrated in Windows Security

After one The new installation initially works only in evaluation mode And he analyzes the programs that manage from which sources for a longer period of time.

Control of intelligent apps cannot be activated: In the event of updating, the function bag, on the other hand, is permanently deactivated and sAvailable only after a new installationReset «this PC». In addition, optional diagnostic data must be activated, which are already questioned during the installation, otherwise it can also be activated later in the settings with data protection in Windows.

If the algorithm comes to the conclusion after a certain time that you only use reliable programs from safe sources, SAC will activate from you, otherwise the service will be deactivated for you. You can also put control of intelligent apps at hand.

From this point on, Windows blocks all the programs that are not classified as harmless or have no signature with a higher quality certificate.

Since the cloud of the SAC cannot know all the programs of the world There is a risk that there is no information for a program. If the manufacturer does not use a certificate in the sense of Microsoft, the file is blocked when the SAC is activated. This affects tools related to the system and auxiliary programs, as they are also found on the NiSoft website.

Since developers do not use digital signature at all or only one with an «economic» certificate, Microsoft denies access to these tools in individual cases.

3.1. How can I set exceptions for the control of intelligent apps?

Saci's concept of security No possibility of defining an exception for individual apps and programs. It is therefore possible to perform the file in question only in a virtual machine or in the sandbox from Windows, but not in the real system itself.

3.2. How can I still use the types of files blocked from the internet?

The one mentioned at the beginning File types have blocked SAC only if they were downloaded from the Internet. You can view the status of a file in the properties and here also for individual downloads Allow access.

This means that the file is no longer considered insecure And it is no longer blocked by the control of intelligent apps. Only the installed virus scanner could still deny access.

3.3. How can I turn off the control of intelligent apps?

If you have to accept too many restrictions for SAC, the Also turn off the function via Windows Security. But this arrest is permanently. You can only do the service after one New installation to use.

4. Our conclusion

The new Smart App Control function could really mean less threats under medium -term Windows. For most users, Windows deals with the active mode after evaluation. Food users and very unusual programs users are already classified as «unsuitable» through evaluation and therefore are not activated at all. Even blocking dangerous attachments of files from the Internet is coherent and guarantees even more security. In our opinion, however, let's not do if Microsoft meets the desire to allow exceptions to programs that currently do not have an answer, but in our opinion.

(22 votes, media: 4,80 out of 5)

Loading …