Microsoft is implementing new security defaults for Windows 365 Cloud PCs, including disabling certain device redirections and enabling advanced security features like Credential Guard and HVCI by default. These changes aim to enhance data protection and prevent malware, while allowing IT administrators to override settings as needed. #Windows365 #CredentialGuard
Keypoints
- Starting in late 2025, Windows 365 will disable clipboard, drive, USB, and printer redirections by default for new Cloud PCs.
- USB redirections will be limited to high-level devices like mice, keyboards, and webcams, not low-level device access.
- Microsoft has enabled virtualization security features such as VBS, Credential Guard, and HVCI on Windows 365 Cloud PCs running Windows 11.
- Notification banners will inform IT admins of security defaults, with options to override configurations through Intune or Group Policy.
- Security defaults will also be adopted for Azure Virtual Desktop host pools, enhancing overall cloud environment security.