Introduction
In Windows 11 version 22H2, Microsoft added a new feature called “Windows 11 Smart App Control.” Smart App Control is a system-level function that helps secure your Windows 11 computer by banning harmful and untrusted applications.
In this article, we’ll explain how Windows 11 Smart App Control works and how you can turn it on on your PC. If the feature can work with antivirus software and other protections, we’ll also talk about some of its current limitations.
Microsoft Defender Application Control has provided businesses with a way to shield their employees from potentially harmful software for quite some time. This feature uses Microsoft’s “Intelligent Security Graph” to figure out how trustworthy an app is. It is managed by an MDM app like Intune or Microsoft Endpoint Configuration Manager.
How does Smart App Control Security work?
Smart App Control in Windows 11 offers a great deal of security against new and emerging risks by prohibiting hazardous or untrustworthy applications. Smart App Control also helps you block potentially unwanted apps. These are apps that might slow down your device, show ads you didn’t ask for, offer extra software you didn’t want, or do other things you didn’t expect. Its goal is to block untrusted and unwanted apps on Windows 11, even when your third-party antivirus or Windows Security is turned off.
If you’re wondering how it works, Microsoft’s intelligent cloud-based security service is being used this time to figure out if an app is safe to run on your PC or not. Smart App Control works in tandem with your existing security software, such as Microsoft Defender or non-Microsoft antivirus products, to provide supplementary protection.
If we talk about the basic working principal of SAC, Initially AI (the cloud-based service) examines the app for harmful activities. If the service determines that the app is safe to execute, it will let the application to operate. In the event that the cloud service is unable to make a definitive determination or detects a red signal, Smart App Control will validate the signature. If the app is signed and the signature is valid, SAC will let it to operate; otherwise, it will block it.
In addition, there is an Evaluation option available inside Smart App Control. Smart App Control starts in Evaluation mode by default. Initially, SAC operates in Evaluation mode to see whether you are a suitable candidate for having SAC always enabled. If you are a developer or work in corporate and SAC interrupts you too often, Evaluation mode will disable SAC so that you may work uninterrupted. However, if it determines that you are likely to run malware and viruses, it will keep the SAC switched on throughout the Evaluation time. Smart App Control won’t block anything while it’s in evaluation mode.
Once the evaluation is complete, or if you manually switch Smart App Control on or off, you won’t be able to return to evaluation mode unless you reinstall or reset Windows.
Where are the Smart App Control settings?
You can find the settings for Smart App Control in the App & browser control panel of the Windows Security app. The fastest way to access these settings is:
- Tap the Start button in Windows.
- Type Smart App Control in the search box.
- Select the Smart App Control system settings from the results.
There is presently no method to circumvent the security provided by Smart App Control for specific applications. You may disable Smart App Control, or (even better), contact the app’s creator and persuade them to sign the app with a genuine signature.
I hope this will be informative for you, please do share if you find worth sharing it.