Microsoft is introducing a new security mode for Windows 11. Its aim is to prevent manipulation when executing background scripts. This is how it is activated.
Little by little, Microsoft is correcting the security of Windows 11. Latest feature: Microsoft is testing a new one Insider version of Windows 11 (Dev-Channel) a new security mode that protects batch files (.bat) and CMD scripts from tampering during execution.
This should primarily appeal to power users. But since the new mode can prevent attackers from changing scripts in the background, it also has Impact on all Windows users.
Security for batch scripts
When many people think of batch files, they immediately think of admin tools or corporate IT, and this certainly hits a core target group. In principle, they can also be practical for private users.
Batch scripts automate tasks, save time and help carry out recurring actions reliably.
The elegant thing about it is that you carry out different tasks in one go can be left without having to worry too much about it as a user. But the process in the background also harbors dangers.
Microsoft is currently testing a new security mode that protects batch files from manipulation during execution. This is particularly important because malware sometimes modifies scripts in the background. Private users benefit from:
- More security: Scripts cannot be manipulated during execution.
- Better performance: Signatures are only checked once, not for every script statement.
Enable new security mode in Windows
As of now, the protection must also be explicitly activated in the insider version. This works, for example, via the registry:
- Start the registry editor, for example via (Win) + (R) and regedit
- Navigate to HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor
- Create a new DWORD value LockBatchFilesInUse
- Set new value to “1”.
What the further plans with the new mode look like Microsoft doesn’t reveal. The fact that you have to activate it explicitly suggests that the test should be cautious.
About the Author
