This is how Windows 11 and Windows 10 21H2 combat PrintNightmare, ransomware and other threats
The toolkit provides a Microsoft-recommended security facility to help administrators better manage Group Policy Objects (GPOs), among other things, without compromising security.
Here's how Microsoft defines its Security Compliance Toolkit:
"The Microsoft Security Compliance Toolkit enables enterprise security administrators to effectively manage their enterprise's Group Policy Object (GPO). Using this toolkit administrators can compare their current GPOs with those of their business. base GPOs recommended by Microsoft or others, edit them, store them in GPO backup file formats, and apply them via domain controller, or put them directly on the server for testing their effects".
The new security facility introduces some new policy settings such as restricting printer driver installation to prevent attack cases like PrintNightmare. There is also "Tamper Protection" which helps against ransomware and other threats. Edge Legacy installation is also removed under the new security basis.
Regarding the limited installation of computer drivers, Microsoft shared:
"We have added a new setting to the MS Security Guide (Administrative TemplatesPrintersLimits print driver installation to Administrators) and enforced this activation. Note that this setting was previously a custom setting in SecGuide.admx/l and has now been moved in".
When it comes to Tamper Protection, Microsoft says it can block malware that does the following:
- Turn off virus and threat protection
- Turn off real-time protection
- Turn off behavior tracking
- Turn off anti-virus software (such as IOfficeAntivirus (IOAV))
- Turn off cloud delivery protection
- Remove security information updates
- Turn off automatic actions for detected threats
This new security base was also released for Windows 11 when this new operating system was officially released in October. Besides the changes mentioned above, the security base of Windows 11 also has more options for Script Scanning permission.
You can download the Microsoft Security Compliance Toolkit 1.0 here.
You should read it
- Instructions for installing and configuring Microsoft Security Essentials
- Link to download Microsoft Security Essentials 4.10.0209.0
- Security features coming to Windows 11
- Microsoft fixes a serious security hole
- Samsung postponed the release of KNOX security application
- Steps to enable security features on Microsoft 365
- A critical flaw in Internet Explorer forced Microsoft to release patches for Windows 7
- Microsoft released an emergency security patch for a serious vulnerability
May be interested
- Patches of dangerous vulnerabilities being exploited by hackers contain dangerous holes and then continue to be exploited by hackersnot long after the log4j vulnerability was discovered, the patch was released. however, the irony is that this patch has holes.
- Microsoft patches vulnerability in Windows AppX Installer being used to spread Emotet malwaremicrosoft has patched a critical zero-day vulnerability in windows that is being exploited by cybercriminals to spread emotet malware.
- Add File/Folder to the exclusion list in Windows Securityhow to add file or folder to the exclusion list in windows security? the fastest and simplest way to add exceptions to windows defender
- Log4Shell zero-day vulnerability discovered, the new nightmare of enterpriseshow to exploit a critical zero-day vulnerability in the java-based apache log4j logging library has just been posted on the internet. this leaves users and businesses as well as organizations vulnerable to remote code execution attacks.
- Detecting a serious security flaw on Viber Desktop, users need to update immediatelythe research team of vncert/cc center recently issued a warning about a serious security hole in the viber desktop chat application - the viber chat application installed on users' computers, to the development team. viber products to fix.
- Why is Windows 11 so much more secure than Windows 10?windows 11 will be a more secure operating system than windows 10. microsoft's new focus on security in windows 11 will revolve around a few key features.