Microsoft is taking a bold step forward in securing the Windows ecosystem with the announcement of two major security initiatives: Windows Baseline Security Mode and User Transparency and Consent. These updates, revealed on February 9, 2026, represent a fundamental shift in how Windows handles application security, user privacy, and system integrity. The changes position Windows to operate more like modern mobile platforms while preserving the openness that has defined the platform for decades.
The Challenge: Balancing Openness with Security
Windows 11 currently powers over a billion devices and supports millions of apps across business, creativity, education, gaming, and productivity. For decades, Microsoft's commitment to openness and compatibility has enabled a rich and enduring ecosystem developed by a global community of partners. However, this openness has created challenges.
Users increasingly encounter apps that override their settings, install additional software, or alter core Windows experiences without awareness or consent. The feedback from users has been clear: Windows must remain an open platform while also being secure by default, protecting the integrity of user experiences regardless of which apps are installed.
Importantly, developers and ecosystem partners have echoed this need, calling for stronger and more consistent security foundations in the operating system. Microsoft's response is to evolve Windows into a consent-first model that makes app and AI agent behavior transparent, decisions reversible, and access limited to clearly approved capabilities.
Introducing Windows Baseline Security Mode
Windows Baseline Security Mode represents a significant architectural shift in how Windows protects system integrity. With this mode, Windows will operate with runtime integrity safeguards enabled by default. These safeguards ensure that only properly signed apps, services, and drivers are allowed to run, protecting the system from tampering or unauthorized changes.
Critically, this doesn't mean Windows is becoming a closed platform. Users and IT administrators will retain the flexibility to override these safeguards for specific apps when needed. Additionally, developers will be able to check whether these protections are active and whether any exceptions have been granted, giving them insight and control over the conditions under which their apps run.
This approach builds on Microsoft's existing security initiatives, including the company-wide Secure Future Initiative and the Windows Resiliency Initiative, which focus on helping organizations prevent, manage, and recover from security incidents.
User Transparency and Consent: Smartphone Security Comes to Desktop
The User Transparency and Consent initiative brings a more consistent and intuitive approach to how Windows communicates security decisions. Following the model established by smartphones, Windows will now prompt users when apps attempt to access sensitive resources such as files, cameras, or microphones, or when they try to install additional software.
These prompts are designed to be clear and actionable, with users always having the ability to review and change their choices later. Apps and AI agents will be expected to meet higher transparency standards, giving both users and IT administrators better visibility into application behaviors.
System-Enforced Transparency
Similar to mobile phone operating systems, users will be able to clearly see which apps have access to sensitive resources, including the file system, devices like cameras and microphones, and other protected assets. If users see an app they don't recognize or trust, they can revoke access immediately.
User-Centric Consent
Users will receive clear prompts to grant or deny apps permission to access protected data and hardware. These consent mechanisms put users firmly in control of their personal data and device features. Importantly, permissions can be revoked at any time, even after being previously granted.
Thoughtful Rollout Approach
Microsoft recognizes that significant platform changes require careful execution. The rollout will begin by giving users and IT administrators visibility into how apps and agents behave in the system. For developers, Windows will provide tools and APIs to streamline adoption. Well-behaved existing apps will continue to work, giving developers the time and runway needed to adapt to the new security and privacy posture.
Industry Support and Collaboration
Microsoft has already begun working with key ecosystem partners to shape the early direction of these initiatives. The response from industry leaders has been overwhelmingly positive:
Jacob DePriest, CISO and CIO at 1Password: "We're excited to see Microsoft's commitment to hardening desktop app security by making app behavior more transparent and strengthening security by default. As more people continue to rely on SaaS apps, agents and AI-driven tools, clarity and consent at the operating system level are critical to protecting sensitive data without adding friction."
Michael Draper, VP of Global Consumer Trust at Adobe: "Adobe has always taken a proactive approach to security and we are collaborating across the ecosystem to strengthen customer protection. These efforts align with our broader focus on trust and we appreciate the opportunity to work alongside companies that share this commitment to keeping people safe."
Alex Ionescu, Chief Technology Innovation Officer at CrowdStrike: "CrowdStrike is looking forward to being an early partner in the development of a new, more secure and resilient runtime model for Windows applications. When applications and agentic workloads are well-behaved and respect user consent settings with proper security boundaries, security software can better protect users from attackers with reduced performance overhead."
Ari Weinstein, Member of Product Staff at OpenAI: "As we build increasingly capable agents, it's even more important for people to have visibility and control over what's happening on their computers. It's great to see Microsoft level up the security of their platform, and we're excited to work together to deliver powerful, secure AI experiences on Windows and beyond."
Thomas Paul Mann, Co-founder and CEO of Raycast: "At Raycast, privacy and security have always been core to how we build. As a tool that works deeply with Windows, we believe users deserve full transparency about what apps can do. This matters even more as AI agents start to act on their behalf. We're excited to support User Transparency and Consent and shape it together."
Guiding Principles: Preserving Windows' Openness
These security enhancements are grounded in principles that put users clearly at the center while preserving what has made Windows successful: the freedom to install any app and openness to every developer. Windows will not become a walled garden; rather, it will become a more secure open platform that empowers users with better information and control.
What's Next: Phased Implementation and Community Engagement
Microsoft recognizes that meaningful change takes time. The rollout will follow a phased approach guided by clear principles and developed in close partnership with developers, enterprises, and ecosystem partners to ensure a smooth transition.
In the coming months, Microsoft will publish additional blogs and create dedicated feedback channels to invite broader community engagement. The company is expanding the conversation beyond early partners to include the entire Windows ecosystem, encouraging everyone to share insights and help refine this journey.
The goal is ambitious but clear: strengthen the Windows ecosystem and build the foundation for the next 40 years of innovation, grounded in trust, transparency, and user consent. By giving users the tools to understand and control what happens on their devices while maintaining the platform's legendary compatibility and openness, Microsoft aims to set a new standard for desktop operating system security.