This is how Windows 11 and Windows 10 21H2 combat PrintNightmare, ransomware and other threats

The toolkit provides a Microsoft-recommended security facility to help administrators better manage Group Policy Objects (GPOs), among other things, without compromising security.

Here's how Microsoft defines its Security Compliance Toolkit:

"The Microsoft Security Compliance Toolkit enables enterprise security administrators to effectively manage their enterprise's Group Policy Object (GPO). Using this toolkit administrators can compare their current GPOs with those of their business. base GPOs recommended by Microsoft or others, edit them, store them in GPO backup file formats, and apply them via domain controller, or put them directly on the server for testing their effects".

The new security facility introduces some new policy settings such as restricting printer driver installation to prevent attack cases like PrintNightmare. There is also "Tamper Protection" which helps against ransomware and other threats. Edge Legacy installation is also removed under the new security basis.

Regarding the limited installation of computer drivers, Microsoft shared:

"We have added a new setting to the MS Security Guide (Administrative TemplatesPrintersLimits print driver installation to Administrators) and enforced this activation. Note that this setting was previously a custom setting in SecGuide.admx/l and has now been moved in".

When it comes to Tamper Protection, Microsoft says it can block malware that does the following:

1. Turn off virus and threat protection
2. Turn off real-time protection
3. Turn off behavior tracking
4. Turn off anti-virus software (such as IOfficeAntivirus (IOAV))
5. Turn off cloud delivery protection
6. Remove security information updates
7. Turn off automatic actions for detected threats

This new security base was also released for Windows 11 when this new operating system was officially released in October. Besides the changes mentioned above, the security base of Windows 11 also has more options for Script Scanning permission.

You can download the Microsoft Security Compliance Toolkit 1.0 here.

You've just finished reading the article "This is how Windows 11 and Windows 10 21H2 combat PrintNightmare, ransomware and other threats" edited by the TipsMake team. You can save this-is-how-windows-11-and-windows-10-21h2-combat-printnightmare-ransomware-and-other-threats.pdf to your computer here to read later or print it out. We hope this article has provided you with many useful tech tips and tricks. You can search for similar articles on tips and guides. Thank you for reading and for following us regularly.