This is how Windows 11 and Windows 10 21H2 combat PrintNightmare, ransomware and other threats
The toolkit provides a Microsoft-recommended security facility to help administrators better manage Group Policy Objects (GPOs), among other things, without compromising security.
Here's how Microsoft defines its Security Compliance Toolkit:
"The Microsoft Security Compliance Toolkit enables enterprise security administrators to effectively manage their enterprise's Group Policy Object (GPO). Using this toolkit administrators can compare their current GPOs with those of their business. base GPOs recommended by Microsoft or others, edit them, store them in GPO backup file formats, and apply them via domain controller, or put them directly on the server for testing their effects".
The new security facility introduces some new policy settings such as restricting printer driver installation to prevent attack cases like PrintNightmare. There is also "Tamper Protection" which helps against ransomware and other threats. Edge Legacy installation is also removed under the new security basis.
Regarding the limited installation of computer drivers, Microsoft shared:
"We have added a new setting to the MS Security Guide (Administrative TemplatesPrintersLimits print driver installation to Administrators) and enforced this activation. Note that this setting was previously a custom setting in SecGuide.admx/l and has now been moved in".
When it comes to Tamper Protection, Microsoft says it can block malware that does the following:
- Turn off virus and threat protection
- Turn off real-time protection
- Turn off behavior tracking
- Turn off anti-virus software (such as IOfficeAntivirus (IOAV))
- Turn off cloud delivery protection
- Remove security information updates
- Turn off automatic actions for detected threats
This new security base was also released for Windows 11 when this new operating system was officially released in October. Besides the changes mentioned above, the security base of Windows 11 also has more options for Script Scanning permission.
You can download the Microsoft Security Compliance Toolkit 1.0 here.
You should read it
- Instructions for installing and configuring Microsoft Security Essentials
- Link to download Microsoft Security Essentials 4.10.0209.0
- Security features coming to Windows 11
- Microsoft fixes a serious security hole
- Samsung postponed the release of KNOX security application
- Steps to enable security features on Microsoft 365
- A critical flaw in Internet Explorer forced Microsoft to release patches for Windows 7
- Microsoft released an emergency security patch for a serious vulnerability
May be interested
- The threat of ransomware is threatening businessesransomware is often mentioned whenever businesses discuss the cyber threats they may face in 2021.
- Windows 11 21H2 is about to die, Microsoft pushes to update version 23H2/22H2windows 11 version 21h2 is one of the important native releases of windows 11 that begins rolling out globally on october 4, 2021.
- Microsoft begins to force many computers to update Windows 10 21H2microsoft has begun implementing a 'campaign' to force computers running windows 10 that are running out of support to windows 10 version 21h2. this is also part of microsoft's first phase of machine learning training.
- New features of Windows 10 21H2 have just been releasedmicrosoft has just officially launched the windows 10 21h2 feature update for users who are using windows 10 version 2004 or newer.
- Download Ghost Windows 11 21H2, Link Google drive, latest official Ghost Windows 11download ghost windows 11 21h2 made from the official win 11 installer (build 22000.194) keeping the necessary apps like photos, xbox, defender and store.
- Even DSLR cameras can be easily attacked by ransomwareransomware, also known collectively as ransom data encryption software, has become one of the major security threats to all computer systems worldwide in recent years. .
- Everything you need to know about the LockBit . ransomware familyif you keep up to date with cybersecurity threats, you probably know how dangerously popular ransomware has become.
- Defender for Identity detects PrintNightmare vulnerability, reducing risk for Print Spoolermicrosoft helped defender for identity detect the printnightmare exploit to help the security operations team detect hacker attacks.
- Matrix Ransomware is back under the distribution of RIG Exploit Kitsecurity researcher jérôme segura of malwarebytes has discovered matrix ransomware being distributed through rig exploit kit on malicious display sites.
- Discover more ways to attack the printing system in Windowson july 15, benjamin delpy, security researcher and innovator at mimikatz, revealed how to abuse the usual windows printer driver installation method to gain system local privileges through a malicious printer driver. .