Microsoft amps up focus on Windows 11 security to address evolving cyberthreats


Mark Tauschek, vice president of research fellowships and distinguished analyst at Info-Tech Research Group, sees the new class of Windows computers leveraging Copilot as a logical next step for Microsoft, especially given the rise of AI-enabled attacks.

“The only way to defend against AI-enabled attacks is with AI-enabled defenses,” he said. “Leveraging OpenAI in Azure and now Copilot, it’s only logical that Microsoft scales this to the edge using Copilot and task-specific small language models (SLMs) paired with the plethora of incredibly powerful ARM, x86, and GPU processors.”

But the proof will be in Microsoft’s execution — and iteration — of its Copilot+ strategy, Tauschek said, and CISOs would be wise to introduce the PCs gradually.

“IT security leaders will undoubtedly need to evaluate the Copilot+ PCs,” he said. “They will be manageable using existing Windows management tools, but until they are used and tested in the organization’s environment, the magnitude of benefits will be unclear. I would expect rapid iterations and improvements on the software and OS side in order to leverage the power of the hardware. Nobody will be going all-in on these PCs out of the gate, but I expect a lot of interest in proof of concept and small-scale test deployments. Over time, it will likely become the standard as PC refresh cycles allow.”

Software and OS protection

Removing legacy weaknesses is another way Microsoft is improving security with its latest round of announcements. For example, NT LAN Manager (NTLM), a 1993-vintage network authentication and security protocol that still exists within Windows, will be deprecated later this year. In addition, transport layer security (TLS) server authentication certificates, which verify a server’s identity and chain to roots in the Microsoft Trusted Root Program, will no longer be trusted if their RSA keys are shorter than 2048 bits.

For services requiring high security, reliability, and performance, Microsoft is adding virtualization-based security (VBS) to create an isolated secure environment to protect keys; the feature is now in preview. VBS is also used to isolate Windows credentials if a device doesn’t have built-in biometrics. VBS enclaves are now available to third-party developers.


