At the Microsoft Ignite conference, the company unveiled a series of security enhancements for Windows Subsystem for Linux (WSL) and Windows Package Manager (WinGet), focusing on better integration with Microsoft Entra ID (formerly Azure Active Directory). These updates aim to provide enterprises with greater control and security over the use of these tools, aligning with modern identity-based and zero-trust security frameworks.
For WSL, Microsoft has introduced Entra ID integration in private preview. This integration offers a zero-trust approach by enabling seamless access to enterprise resources from within WSL distributions. The new feature enhances security by allowing Linux processes to leverage underlying Windows authentication and by managing the use of Entra tokens. Additionally, the general availability of Intune device compliance integration empowers IT administrators to enforce enterprise policies on WSL distribution and version usage through conditional access.
Another significant enhancement to WSL is a revamped distribution architecture. This update allows IT professionals and developers to create and customize WSL distributions tailored to enterprise needs, bundling specific tools, binaries, and applications. These custom distributions can then be deployed to users while adhering to organizational security policies. WSL distributions can now also be installed from configurable source locations, independent of the Microsoft Store. These features are expected to enter preview in the coming months.
WinGet, Microsoft’s command-line tool for app installations, has also received updates. Entra ID integration for WinGet is now in public preview, enabling IT administrators to control access and ensure that only authorized users can install software within an enterprise. Moreover, WinGet now supports the ability for enterprise users to download line-of-business applications from any approved WinGet source using the “WinGet Download” command, which is now generally available. These updates mark a significant step in enhancing security and manageability for enterprise environments.