Microsoft is about to add a useful security feature to Windows 10 to help detect software attacks early
Windows Defender, now known as Microsoft Defender, is becoming more powerful and useful, and is now a widely used tool for detecting and responding to security threats on Windows 10, in place of the third-party antivirus software that was common before. In the near future, the tool will gain another extremely useful security feature: a UEFI (Unified Extensible Firmware Interface) scanner.
Specifically, on June 18, Microsoft officially announced that it will add a UEFI scanner to Microsoft Defender Advanced Threat Protection (Defender ATP), providing an additional layer of active security that helps detect software attacks early on Windows 10. In other words, Microsoft Defender ATP will soon be able to detect malware entering the system through firmware updates.
In theory, malware that infects the firmware level is often difficult to detect because it is launched before the operating system boots. Microsoft's new UEFI scanning engine was created to solve this problem by interacting directly with the motherboard chipset and reading the firmware's file system when it is launched.

In general, this new tool will use the following components and solutions to deploy dynamic analysis at the firmware level:
- A UEFI anti-rootkit, which accesses the firmware via the Serial Peripheral Interface (SPI).
- Full file system scanner, which helps check the content inside the firmware.
- A detection tool that helps identify all signs of malicious code and malicious behavior in firmware.
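To make the file system scanning component concrete, here is an added example (not Microsoft's code and not part of the original article) that walks the UEFI PI firmware volume layout in a flash dump, lists each firmware file by GUID, and diffs the file hashes against a known-good image. The function names and the constructed sample volume are assumptions, and the baseline comparison stands in for a real detection engine.

```python
import hashlib
import struct
import uuid

FV_HDR = struct.Struct("<16s16sQ4sIHHHBB")  # fixed part of EFI_FIRMWARE_VOLUME_HEADER
FFS_HDR = struct.Struct("<16sBBBB3sB")      # EFI_FFS_FILE_HEADER (24 bytes)

def list_ffs_files(image):
    """Map FFS file GUID -> SHA-256 of the file body for each firmware volume found."""
    files, pos = {}, image.find(b"_FVH")
    while pos != -1:
        start = pos - 40                     # "_FVH" sits 40 bytes into the volume header
        if start >= 0 and start + FV_HDR.size <= len(image):
            fields = FV_HDR.unpack_from(image, start)
            fv_len, hdr_len, ext_off = fields[2], fields[5], fields[7]
            # Simplification: header checksum is not verified, extended headers are skipped.
            if FV_HDR.size <= hdr_len <= fv_len <= len(image) - start and ext_off == 0:
                rel = hdr_len
                while rel + FFS_HDR.size <= fv_len:
                    name, _, _, _, _, size3, _ = FFS_HDR.unpack_from(image, start + rel)
                    size = int.from_bytes(size3, "little")
                    if name == b"\xff" * 16 or size < FFS_HDR.size or rel + size > fv_len:
                        break                # erased flash (free space) or unsupported header
                    body = image[start + rel + FFS_HDR.size:start + rel + size]
                    files[str(uuid.UUID(bytes_le=name))] = hashlib.sha256(body).hexdigest()
                    rel = (rel + size + 7) & ~7   # FFS files start on 8-byte boundaries
        pos = image.find(b"_FVH", pos + 4)
    return files

def diff_against_baseline(baseline, current):
    """Compare two {guid: hash} maps; an allowlist-style check, not Defender's engine."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "changed": sorted(g for g in baseline if g in current and baseline[g] != current[g]),
    }

def build_sample_volume(files):
    """Constructed input: one firmware volume of (guid, body) files inside erased flash."""
    body = b""
    for guid, data in files:
        size = (FFS_HDR.size + len(data)).to_bytes(3, "little")
        body += FFS_HDR.pack(uuid.UUID(guid).bytes_le, 0, 0, 0x07, 0, size, 0xF8) + data
        body += b"\xff" * (-len(body) % 8)
    hdr_len = FV_HDR.size + 16               # fixed header + block map entry + terminator
    fv_len = hdr_len + len(body) + 64
    hdr = FV_HDR.pack(bytes(16), bytes(16), fv_len, b"_FVH", 0, hdr_len, 0, 0, 0, 2)
    hdr += struct.pack("<IIII", 1, fv_len, 0, 0)
    return b"\xff" * 128 + hdr + body + b"\xff" * 64
```

On a real dump, a module GUID that appears under "added" or "changed" without a matching vendor firmware update is the kind of finding that warrants investigation.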
In case malware is detected at the firmware level, users will receive security alerts displayed in the Defender Security Center. Here, the system will give the results of threat analysis and take appropriate steps to respond to suspicious activity in the system at each level.
Enterprise IT security teams can also use the advanced scanning capabilities in Microsoft Defender ATP to hunt for these complex threats. According to Microsoft, the new security tool described above is an essential part of its policy to improve security efficiency in Microsoft Defender ATP, and users can expect many more such new features in the future. Microsoft Defender ATP is now provided as the default security application on all Windows 10 devices, and it is activated automatically when the operating system is installed.