• AM processes can run critical user-mode service components as AM-PPL which is at a higher level than an Admin thus can help shield itself from admin level malware
机器翻译：
•AM进程可以运行关键用户模式服务组件为AM-PPL 这是比管理员更高等级，从而可以帮助自己防护管理员等级的恶意软件

• Secure Event Channel
• Extensible channel that provides critical insight into process activities
• AMs can listen to selected TCB/kernel/win32 level events without kernel level hooks
• TCB/kernel events are trusted, they cannot be tampered with by malware
• Whitepaper published via Connect in Feb 2015.

• Inbox support for Offline Cleaning
• WSC provides API to AM apps to make use of inbox WinRE (Windows Recovery Environment) to provide seamless frictionless offline cleaning experience.
• AM applications can remove rootkits and kernel malware difficult to clean online using this feature, without a need to carry their own offline environment.
We will be encouraging you to use these as undocumented