The school's Windows 11 has a security vulnerability.

ENHANCEMENT: Require Admin Password for Destructive Actions in WinRE (Command Prompt, Reset)

(improvement: Require Admin Password for Destructive Actions in WinRE (Command Line, Reset)

Category: Security and Privacy

Subcategory: Windows Recovery Environment (WinRE)

Nội dung Chi tiết (Detailed Description)

I am submitting a critical security enhancement proposal concerning the Windows Recovery Environment (WinRE) for Home and Family users.

The Problem:

Currently, users (including children or unauthorized individuals) can easily bypass parental controls (like Microsoft Family Safety) and delete all data/settings simply by accessing WinRE via Shift + Restart. WinRE operates at a system level, ignoring all user policies.

The Critical Security Flaws:

Easy Data Wipe: Users can select "Reset this PC" without any administrative password authentication.

System Hijack: Users can access the Command Prompt (CMD) within WinRE, which runs with system-level privileges. This allows them to:

Delete existing Admin accounts.

Create new Admin accounts with new passwords.

Effectively "steal" and factory-reset the managed PC, rendering all parental control efforts useless.

The Proposed Solution (The Core Idea):

Implement a mandatory, password-protected security layer for all destructive and system-altering actions within WinRE.

Specifically, whenever a user attempts to select the following options, they must be prompted to enter the password for the primary Administrator (Parent) account:

"Reset this PC" (Đặt lại PC này)

"Command Prompt" (Dòng lệnh)

Any tool capable of modifying user accounts or system files.

Benefit: This change preserves WinRE's critical function (emergency recovery) while adding necessary security, making Microsoft Family Safety truly robust and protecting millions of home users from device takeover.