Microsoft has built in a variety of security features in Windows 11. Among them, a security option called Smart Application Control (SAC) is quite special. This option uses a zero-trust mechanism and was originally only enabled by default when installing the system to prevent untrusted software from running on the computer. According to Microsoft's original design principles, Smart Application Control only runs on clean systems that are newly installed. If the user tries to disable it, the Smart Application Control feature no longer considers the system to be safe, so it cannot be enabled again after being disabled.
If the user wants to enable this feature again, they must reinstall the system. Recently, the smart application control function accidentally killed the ASUS Ultron Center on the ASUS ROG gaming handheld console. At that time, the user either disabled smart application control or waited for Microsoft to update the handheld console.
Obviously, this approach is very inconvenient for users, especially considering Microsoft's update quality issues. For example, if you accidentally kill a software, you have to wait for Microsoft to unblock it. Users cannot disable smart application control or add whitelists (this feature does not provide a whitelist mechanism).
For this reason, in the latest Windows 11 beta, Microsoft has begun to change the way the smart application control function works. At least in the Windows 11 24H2/25H2 version, Microsoft will allow users to disable and then re-enable the smart application control function.
As a security recommendation, unless there is a good reason to disable this feature, users should always keep smart application control turned on. Although there may be accidental killing, it is still very helpful to improve security.