What simply occurred? Cloud-based Home windows installs are typically safer than native setups, particularly in opposition to bodily and community assaults focusing on endpoint gadgets. Now, Microsoft is elevating the bar additional by enhancing safety features particularly for Home windows 365 Cloud PCs.
Microsoft not too long ago introduced two security-focused adjustments to the Home windows 365 Cloud PC platform. The subscription-based service will quickly disable all user-level file redirections and allow a number of virtualization-based safety features to strengthen information and code integrity. Each adjustments shall be enabled by default, although particular admin settings might complicate implementation.
Redmond mentioned “choose redirections,” together with clipboard, drive, USB, and printer redirections, shall be disabled by default on newly provisioned or reprovisioned Cloud PCs. This alteration goals to cut back dangers like information theft and malware, however it might negatively have an effect on consumer expertise. For instance, Microsoft defined that accessing a file will disable the clipboard, making it not possible to repeat information between the Cloud PC and bodily gadgets.
Whereas USB redirections are disabled by default, gadgets managed via “high-level redirections” will not be affected. Mice, keyboards, and webcams fall into this class and will proceed working as anticipated. Moreover, present provisioning insurance policies be certain that Home windows 365 Frontline Cloud PCs in shared mode stay unaffected.
Disabling redirections ought to make Home windows Cloud PCs safer and higher aligned with Microsoft’s Safe Future Initiative. Home windows 365 Cloud PC gives entry to a restricted Home windows atmosphere hosted on Microsoft’s cloud platform. The corporate launched the service as a extra productive approach to make use of Home windows whereas bettering safety and resilience for enterprise organizations.
The supposedly safe Cloud PC platform now wants much more safety – together with a little bit of user-level frustration since individuals nonetheless have to work with information, whether or not they’re native or within the cloud. Microsoft launched the Home windows 365 Cloud PC service just a few years in the past and has steadily added new options. It is now even promoting a $350 “dumb” terminal designed solely to entry Home windows photos hosted within the cloud.
Microsoft will start rolling out adjustments to file and gadget redirection insurance policies within the second half of 2025. System directors might want to manually reenable these options via Intune or GPO in the event that they need to restore them. In the meantime, Microsoft activated the brand new virtualization-based safety enhancements in Might 2025, providing what’s probably a extra user-friendly approach to enhance safety on the cloud platform.
Microsoft now consists of virtualization-based safety features like VBS, Credential Guard, and HVCI by default on Cloud PCs operating Home windows 11. The VBS system makes use of {hardware} virtualization to create a safe reminiscence enclave for important processes. Credential Guard builds on this basis to guard entry credentials. Reminiscence integrity, often known as HVCI, enforces kernel-level code integrity by permitting solely verified code to run.
