This is how Windows 11 and Windows 10 21H2 combat PrintNightmare, ransomware and other threats
The toolkit provides a Microsoft-recommended security facility to help administrators better manage Group Policy Objects (GPOs), among other things, without compromising security.
Here's how Microsoft defines its Security Compliance Toolkit:
"The Microsoft Security Compliance Toolkit enables enterprise security administrators to effectively manage their enterprise's Group Policy Object (GPO). Using this toolkit administrators can compare their current GPOs with those of their business. base GPOs recommended by Microsoft or others, edit them, store them in GPO backup file formats, and apply them via domain controller, or put them directly on the server for testing their effects".
The new security facility introduces some new policy settings such as restricting printer driver installation to prevent attack cases like PrintNightmare. There is also "Tamper Protection" which helps against ransomware and other threats. Edge Legacy installation is also removed under the new security basis.
Regarding the limited installation of computer drivers, Microsoft shared:
"We have added a new setting to the MS Security Guide (Administrative TemplatesPrintersLimits print driver installation to Administrators) and enforced this activation. Note that this setting was previously a custom setting in SecGuide.admx/l and has now been moved in".
When it comes to Tamper Protection, Microsoft says it can block malware that does the following:
- Turn off virus and threat protection
- Turn off real-time protection
- Turn off behavior tracking
- Turn off anti-virus software (such as IOfficeAntivirus (IOAV))
- Turn off cloud delivery protection
- Remove security information updates
- Turn off automatic actions for detected threats
This new security base was also released for Windows 11 when this new operating system was officially released in October. Besides the changes mentioned above, the security base of Windows 11 also has more options for Script Scanning permission.
You can download the Microsoft Security Compliance Toolkit 1.0 here.
You should read it
- Microsoft is preparing to release a series of new security holes
- Microsoft released an updated patch for 25 critical security holes
- Instructions for installing and configuring Microsoft Security Essentials
- Link to download Microsoft Security Essentials 4.10.0209.0
- Security features coming to Windows 11
- Microsoft fixes a serious security hole
- Samsung postponed the release of KNOX security application
- Steps to enable security features on Microsoft 365
- A critical flaw in Internet Explorer forced Microsoft to release patches for Windows 7
- Microsoft released an emergency security patch for a serious vulnerability
- How to set up only allowing Microsoft-verified application installation files to run on Windows 11
- What is Microsoft's Pluton Security Processor? How does it work?
Maybe you are interested
Should I buy a USB, Bluetooth or NFC security key?
4 Security Steps to Follow When Using Remote Access Applications
Series of DrayTek router models have security holes
If you have an AMD CPU, install this important security update!
Roundup of new Chrome features and security updates
Google releases emergency security patch, fixes 4 security flaws on Chrome