Microsoft has announced significant security enhancements for Windows 365 Cloud PCs, introducing new default configurations aimed at reducing data exfiltration and malware risks.
Starting in the second half of 2025, newly provisioned and reprovisioned Cloud PCs will have clipboard, drive, USB, and printer redirections disabled by default.
These changes align with Microsoft’s Secure Future Initiative and apply to both Windows 365 and Azure Virtual Desktop environments.
The updated security posture specifically targets four redirection capabilities to minimize attack surfaces:
| Feature | Default Status | Impact | Exceptions |
|---|---|---|---|
| Clipboard | Disabled | Blocks text/file transfer between Cloud PC and local device | Overridable via Intune/GPO policies |
| Drive | Disabled | Prevents local | Overridable via Intune/GPO policies |
| USB (low-level) | Disabled | Blocks mass storage devices | Keyboards, mice, webcams exempt (use high-level redirection) |
| Printer | Disabled | Disables local printing from Cloud PC | Overridable via Intune/GPO policies |
These defaults aim to prevent data theft and vectors while allowing essential peripherals to function normally.
IT administrators can override these settings using Microsoft Intune device configuration policies or Group Policy Objects (GPOs) for business-critical workflows.
Since May 2025, all new Windows 11-based Cloud PCs have three key security features enabled by default:
These hardware-enforced protections operate without requiring manual configuration and defend against advanced credential theft and kernel attacks.
Rollout begins gradually in late 2025, with notifications appearing in the Microsoft Intune Admin Center.
Administrators must reprovision existing Frontline Cloud PCs through provisioning policies to apply the new defaults.
The changes underscore Microsoft’s shift toward “secure by default” postures while maintaining flexibility for enterprise-specific needs.
Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant Updates
The post Microsoft Implements New Security Defaults to Safeguard Windows 365 Cloud PCs appeared first on Cyber Security News.
A jump starter is an essential part of car's emergency kit and you don't need…
ANY.RUN, a leading provider of interactive malware analysis and threat intelligence solutions, has recently observed a surge…
Microsoft has released an out-of-band hotpatch, KB5084897, addressing a critical Bluetooth device visibility issue impacting…
Microsoft has announced the release of an AI-powered troubleshooting capability for Microsoft Purview Data Lifecycle…
Illinois Senate Bill 3104 aims to make it easier for residents, including renters and condominium…
The first trailer for Dune: Part 3 has arrived, and it gives us our best…
This website uses cookies.