Windows: advancing security and resilience for every user

• Passwordless sign-in: Windows 11 Passkeys and FIDO2 credentials enable secure, convenient authentication without passwords. This approach dramatically reduces the risk of phishing and credential theft, making sign-in simpler and more resilient for users and IT teams. Learn more about passwordless sign-in and authentication.
• Phishing-resistant multi-factor authentication (MFA): Phishing-resistant MFA ensures identity is verifiable and access is accountable, and enforces Zero Trust principles, dramatically reducing account compromise attempts and helping organizations meet regulatory requirements for identity protection. Within Microsoft’s organization, nearly every Microsoft user and device now leverages multi-factor authentication, using phishing-resistant methods. Learn more about phishing-resistant MFA.
• Hotpatch updates: Windows Hotpatch allows devices to receive security updates without requiring a restart. Users stay productive and compliant, while IT teams maintain security posture with less disruption to daily operations. With Hotpatch, 81% of Microsoft’s enrolled devices become compliant within 24 hours of Patch Tuesday. Learn more about Windows Hotpatch.
• Quick machine recovery: When a device encounters a boot failure, Windows 11 can automatically initiate a secure, cloud-connected recovery process. This minimizes downtime, enables remote troubleshooting and protects against sophisticated boot-time attacks—helping organizations restore productivity faster. Learn more about quick machine recovery.

Surface: raising the bar for device security and trust

• Industry-leading firmware security: Surface is leading the development of modern, memory-safe firmware to address common security vulnerabilities like buffer overflows and use-after-free errors—issues that occur when software mishandles memory. In fact, 70% of the security vulnerabilities that Microsoft resolves each year—those assigned a CVE (Common Vulnerabilities and Exposures)—are linked to memory safety issues. By leveraging Rust-based UEFI firmware and Secure Embedded Controller designs, Surface is building stronger defenses against sophisticated attacks and supply chain threats, while laying a resilient foundation for the future. Learn more about Surface and memory-safe firmware.
• Safer drivers for stronger devices: Surface is pioneering the development of Windows drivers in Rust, eliminating memory safety bugs like buffer overflows and use-after-free errors that account for the majority of driver-related security incidents. These advances mean fewer vulnerabilities, more reliable updates and a stronger foundation for every Windows device. Learn more about the development of Windows drivers in Rust by Surface.
• Ecosystem impact and transparency: Surface’s open-source leadership and collaborative engineering approach mean these security innovations aren’t limited to Surface alone. Through initiatives like the Open Device Partnership (ODP), Surface is sharing firmware and Windows drivers in Rust with OEM partners, raising the bar for device trust and transparency across the Windows ecosystem. Learn more about the Open Device Partnership. See the GitHub repositories for Open Device Partnership and Windows drivers in Rust.

Discover the full story: Read the November 2025 SFI Progress Report

Learn more about security innovations at Microsoft Ignite

• Inside Windows Security, from client to cloud (BRK 258): Join this session to learn about the newest security capabilities across Windows 11 and Windows 365 to protect users and data, including features like password and identity management, protecting against malware, hotpatching, hardware updates and more.
• Resilient by design: How Windows has evolved with new recovery tools (BRK 345): Explore advancements in Windows resiliency and get to know new Windows recovery tools and features designed to restore devices efficiently after unforeseen PC incidents.
• Advancing Windows device security through Surface innovation (BRK 338): Discover how Surface and Microsoft boost Windows device security with memory-safe Rust firmware and drivers, reducing vulnerabilities and improving reliability.

Five security shifts that will define the next decade

AI agents will boost productivity—but multiply risk

Cyber-physical agents will expand the security perimeter

Quantum will create retro threats and require specific protective technology

AI-enabled workforces will reshape talent … and risk

Hardware-level security will reduce threats and require system upgrades

Five security strategies to build future-ready security

Track and secure reliable software and hardware supply chains

Invest in attack prevention, not detection, as a primary strategy

Leverage agentic AI to prepare for—and counter—modern threats

Invest in mechanisms that track and ensure source integrity

Mandate consistent security hygiene protocols

Move from risk to resilience with proven frameworks and strategies

• Secure Future Initiative (SFI) is a multi-year commitment by Microsoft to continue to build security into our products, services and operations. The goal is to enhance the design, building, testing and operation of technology to meet the highest possible standards for security.

• Windows Resiliency Initiative (WRI) is a Microsoft initiative that focuses on preventing, managing and recovering from security and reliability incidents, mitigating issues quickly if they arise and facilitating seamless recovery across the Windows platform. WRI includes the ability to recover systems remotely and is part of a continual effort to make Windows the most resilient and secure open OS platform.

• Microsoft Virus Initiative (MVI) is a partner program with other independent software vendors that provides anti-malware solutions. Microsoft collaborates with MVI partners to define and follow Safe Deployment Practices (SDP), incident response and the development of new platform capabilities in Windows 11.

• Zero Trust is a security strategy and approach that requires verifying explicitly, using least privileged access and assuming a breach. The framework was created to help organizations reduce security vulnerabilities with expanded visibility across their digital environments, risk-based access controls and automated policies.

Act now to secure your future

• Windows Resiliency Initiative report

• The Microsoft cybersmart toolkit

• Microsoft Windows security

2003–2007

• Patch Tuesday updates begin. They introduce supporting patch management processes, including Windows Update and Microsoft Update services.
• Windows Vista and later Windows 7 are released. Both incorporate enhanced security features, User Account Control (UAC), Windows Defender and improved firewall capabilities.

2008–2012

• New out-of-band (OOB) updates address imminent threats like the Conficker worm vulnerability.
• Security Development Lifecycle expansion provides a robust set of best practices and guidelines for developing secure software.
• New tools help organizations deploy and assess the status of security updates. These include Windows Server Update Services (WSUS) and the Microsoft Baseline Security Analyzer (MBSA).
• Windows 8 features improve security measures. We welcome Secure Boot, Windows Defender enhancements and further developments in User Account Control (UAC).

2013–2017

• Windows 10 is introduced. It represents a fundamental shift towards a "Windows as a service" model. It’s accompanied by the inaugural release of the Windows update history pages, more commonly known as release notes.
• New security enhancements aim to provide stronger protection against malware, unauthorized access and credential theft. Device Guard, Credential Guard and Windows Hello are developed and released.
• Windows Update for Business goes live. It allows organizations more control over when and how to deploy Windows updates.
• The quality and reliability of security updates continue to be the focus of the conversation. “In each new monthly quality update, we add another layer of security, one that tracks emerging and changing trends in malware and viruses” (John Cable, September 20, 2017).
• We take proactive steps to bolster transparency and align with General Data Protection Regulations (GDPR). Organizations gain the confidence they need to keep devices up to date.

2018–Present

• An industry-wide collaboration begins around proactively patching firmware. It follows a public disclosure of Spectre & Meltdown hardware vulnerabilities. Monthly quality updates serve as a tool to expand microcode updates to devices.
• The use of machine learning optimizes Windows update experiences as proactive measures across Windows updates continue. AI becomes a tool to serve Windows 10 feature updates.
• Rigor and transparency grow: “The scale and diversity of the Windows ecosystem requires us to take a data-driven approach to quality and to leverage automation for testing, validation and distribution" (Mike Fortin, former CVP, December 10, 2018). The discussion of quality validation efforts via Patch Tuesday includes the Pre-release Validation Program (PVP), Depth Test Passes (DTP), Monthly Test Passes (MTP), the Windows Insider Program (WIP) and the Security Update Validation Program (SUVP).
• Windows release health dashboard offers everyone a single pane of glass to view known issues across feature and monthly quality updates.
• In response to 2020's COVID-19 emerging pandemic, remote work-related tools receive greater focus. We address vulnerabilities in Remote Desktop Services and Microsoft Teams, as well as extend End of Support for certain active versions of Windows.
• Known Issue Rollbacks (KIRs) help devices quickly return to a productive state if inadvertently impacted by an update issue.

• In August 2022, the newly announced safeguard holds with Windows Update for Business deployment service help organizations with rolling out updates.
• That same year, Unified Update Platform (UUP) on premises is available for commercial organizations as a public preview. Integrated with Windows Server Update Services (WSUS) and Configuration Manager, it simplifies quality and feature update deployment. It hits General Availability in 2023.
• Windows Autopatch emerges as a growing part of the Patch Tuesday experience.
• Microsoft launches the Secure Future Initiative across Microsoft to pursue our next generation of cybersecurity protection.

Our principle-based Patch Tuesday evolution

• Predictability: The Windows monthly release cadence should align predictably to the second Tuesday of every month.
• Simplicity: Everyone should be able to manage to a simple, regular and consistent patching experience. Doesn’t matter if you’re an individual Windows user or an IT manager overseeing your organization. You shouldn’t need to stop what you're doing to rigorously test an update before deploying it.
• Agility: In today’s computing landscape, security threats demand quick responses. We must provide all Windows users with updates quickly without compromising quality or compatibility.
• Transparency: To simplify the update process for individuals and for businesses large and small, everyone should have access to as much information as they need. You should be able to understand updates in advance. This includes comprehensive yet clear release notes, guides for common servicing tools, access to assistance and a feedback system.

• Security updates from the chip to the cloud
  • The Pluton security processor’s firmware will be updateable through Windows Update along with standard industry controls. This tightly integrated hardware and software helps protect against security vulnerabilities by adding additional visibility and control, and provides a platform for innovation that allows customers to benefit from new features in future releases of Windows that leverage the Pluton hardware and, with this design, are adaptable to changes in the threat landscape.
• Physical attack resistance
  • Even if the attacker has complete physical possession of the PC, the AMD Security Processor and Pluton are designed to co-exist on AMD client silicon to ensure constant communication, which helps to eliminate an attack vector that physical attackers could exploit.
• Trusted, proven security built alongside our partners built on approaches and technologies used in Xbox and Azure Sphere.

Improving security for all Windows users with innovation built on partnerships

The start of the Pluton journey with the Windows ecosystem