Can't boot your Windows 11 PC? This new feature can fix your system remotely, helping prevent another CrowdStrike BSOD disaster.

News
By
published

Quick Machine Recovery is a new feature for Windows 11 that helps IT admins fix PCs that are unable to boot.

Kevin Addley, VP Marketing & Growth at Future photographs a BSOD at JFK airport
Quick Machine Recovery, one of the many security features announced at Ignite 2024, will help IT admins fix bricked PCs remotely. (Image credit: Kevin Addley | Future)

What you need to know

  • Microsoft announced several security features at Ignite 2024.
  • The tech giant introduced the Windows Resiliency Initiative during the conference, which focuses on strengthening security through enhanced admin privilege controls, improved identity protection, and learning from recent incidents, such as the CrowdStrike disaster that occurred this past July.
  • Quick Machine Recovery, one of the key features announced, allows IT admins to execute targeted fixes from Windows Update remotely even if a PC is unable to boot.

Windows has been around in some format for almost four decades and has become ubiquitous in professional environments. With billions of PCs running Windows, systems running the operating system are often the target of attacks. Microsoft invests a massive amount of time and money to help secure systems and provide tools that IT admins can utilize to protect data and devices. During Microsoft's Ignite 2024 conference, the tech giant outlined its efforts to secure Windows 11, explained why systems should be upgraded to the latest version of Windows, and shared details about new security features that are on the way.

The online portion of Microsoft Ignite 2024 runs from November 19 to November 21, so there will be a lot of discussion about Windows, security, and new features that are on the way. However, Microsoft shared summaries and details about the most important updates that will be discussed at the conference.

Quick machine recovery

The headline security feature announced at Ignite 2024 is Quick Machine Recovery. The feature allows IT admins to execute targeted fixes from Windows Update remotely, even if a PC is unable to boot. Remote access is the key, as it reduces the time required to fix bricked PCs.

Many of the new security features announced and highlighted at Ignite 2024, including Quick Machine Recovery, stem from lessons learned from the CrowdStrike incident this past July. Earlier this year, an issue caused one of the largest outages in history, affecting airlines, TV broadcasters, retail spaces, 911 operators, and several other industries. The IT outage was considered catastrophic. Because the Blue Screen of Death (BSOD) appeared on systems, Microsoft received a massive amount of criticism following the incident, even though the issues were not Microsoft's fault, at least directly. Security features such as Quick Machine Recovery should help resolve similar issues in the future, though I'm sure Microsoft would prefer to never see another CrowdStrike-level event.

Quick Machine Recovery will enter testing among Windows Insiders in early 2025.

Admin privileges

Windows Hello authentication is required for the new Administrator protection feature, which allows users to gain temporary access to the ability to perform tasks that usually require administrator privileges. (Image credit: Future)

Microsoft discussed "longstanding challenges with Windows security" at Ignite 2024. One of the ongoing issues is overprivileged users and applications being able to harm systems. One reason that administrator privileges are an issue is because organizations have two options: give a user administrator privileges or make someone a standard user. This hard split lacks the nuance that's needed in many workflows.

Limiting administrator privileges is a wise policy since those with admin rights can make registry changes and install applications. However, PCs also require administrator privileges to adjust a time zone. If made a standard user, a person may need to create a ticket for an IT admin to do a basic task like changing a time zone. Microsoft is working to find a balance and is testing a solution to this issue.

A new feature called Administrator protection, which is currently in preview, allows standard users to gain temporary access to elevated privileges after secure sign-in. After using Windows Hello to verify identity, Windows will create a temporary isolated admin token to do a specific job, such as installing a needed application. That token is then destroyed after the task is completed, so the user is dropped back down to standard privileges.

Administrator protection is set up in a way that attackers cannot retain administrator privileges even if they have access to a system since the feature requires Windows Hello authentication and created tokens are temporary.

Windows 11 vs Windows 10

TPM 2.0 is both a reason that Windows 11 is more secure than Windows 10 and one of the main reasons many systems are unable to upgrade to Windows 11. (Image credit: Future)

Microsoft's emphasis on Windows 11 being more secure than Windows 10 persists when looking through materials from Ignite 2024. I suspect that Microsoft is eager to find ways to convince people to upgrade to Windows 11 before Windows 10 reaches end of support in October 2025.

Millions of PC users have been reluctant to upgrade systems to Windows 11 or are unable to upgrade their devices to Windows 11 due to minimum hardware requirements. Ironically, one of the features Microsoft highlighted during Ignite 2024, TPM 2.0, is a major reason so many PCs cannot upgrade to Windows 11.

Microsoft highlighted new and existing features that improve security on Windows 11 PCs, including Credential Guard, Local Security Authority protection, and BitLocker being enabled by default on many modern devices. The company also removed insecure code when making Windows 11.

According to Microsoft, reported security incidents have dropped by 62%, and firmware attacks have been reduced threefold due to the security efforts of the tech giant.

I don't doubt that Windows 11 is more secure than Windows 10. Microsoft has clearly put in the effort to improve security and set minimum hardware requirements that are in line with its vision for securing devices. Still, I predict that Microsoft will discover that many people will run unsupported devices due to being unable to afford a new PC or being unwilling to switch away from an otherwise usable device.

🎃The best early Black Friday deals🦃

Sean Endicott
Sean Endicott
News Writer and apps editor

Sean Endicott is a tech journalist at Windows Central, specializing in Windows, Microsoft software, AI, and PCs. He's covered major launches, from Windows 10 and 11 to the rise of AI tools like ChatGPT. Sean's journey began with the Lumia 740, leading to strong ties with app developers. Outside writing, he coaches American football, utilizing Microsoft services to manage his team. He studied broadcast journalism at Nottingham Trent University and is active on X @SeanEndicott_ and Threads @sean_endicott_.