Microsoft has introduced a significant security control in the latest Windows 11 preview update designed to restrict unauthorized interaction with critical system files.
Released as part of the January 2026 non-security preview (KB5074105), this enhancement specifically targets the Storage settings menu, a sensitive area of the operating system that reveals detailed information about drive usage, temporary files, and system-reserved storage.
By implementing a mandatory User Account Control (UAC) prompt, Microsoft aims to prevent unprivileged users and potential threat actors with local access from modifying or analyzing storage configurations without explicit administrative approval.
Hardening System Security
The primary modification in this release serves as a hardening measure for local system security. Previously, users with access to an unlocked Windows session could navigate to Settings > System > Storage and view granular details regarding how hard drive space was being utilized.
This access included the ability to interact with temporary files and view the breakdown of installed applications and system files.
With the installation of KB5074105, Windows 11 versions 24H2 and 25H2 now enforce an administrative checkpoint at this gateway. When a user attempts to access the Storage settings, the operating system triggers a UAC prompt.
If the current user does not possess administrative privileges, they must provide valid credentials to proceed. This effectively mitigates the risk of “shoulder surfing” or unauthorized data manipulation by individuals who may have gained physical access to a workstation or remote access to a non-admin session.
This update applies to the most recent iterations of the Windows 11 platform, specifically version 24H2 and the newer version 25H2.
The rollout is currently in the “C-release” phase, meaning it is an optional preview that allows administrators to test the changes before they are included in the mandatory Patch Tuesday security update scheduled for February.
The following table outlines the technical specifics associated with this release:
Beyond the security hardening of the Settings menu, KB5074105 introduces updates to the underlying AI framework integrated into Windows 11. These changes affect the “Copilot+ PC” experiences, specifically updating the models used for local processing.
The update refreshes the Image Search, Content Extraction, Semantic Analysis, and Settings Model components to version 1.2601.1268.0. These updates are delivered alongside the core OS improvements to ensure that local AI workloads remain efficient and aligned with the operating system’s latest security protocols.
Administrators deploying this update should note that it includes a Servicing Stack Update (SSU), KB5074104. The SSU is critical for ensuring the device allows for reliable installation of future cumulative updates.
Because the SSU and the cumulative update are combined into a single payload, specific removal commands must be used if a rollback is required.
Administrators cannot remove the SSU portion once installed; however, the cumulative portion can be removed using the DISM /Remove-Package command if compatibility issues arise within the enterprise environment. Microsoft has stated that they are currently not aware of any known issues affecting this release.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
