Tag Archive for: Baseline

Windows 10 21H2 adds ransomware protection to security baseline



Microsoft has released the final version of security configuration baseline settings for Windows 10, version 21H2, available today from the Microsoft Security Compliance Toolkit.

“This Windows 10 feature update brings very few new policy settings,” Microsoft security consultant Rick Munck said.

“One setting has been added for this release for printer driver installation restrictions (which was also added to the Windows 11 release). Additionally, all Microsoft Edge Legacy settings have been removed.”

Protection from human-operated ransomware

However, the highlight of the new Windows 10 security baseline is the addition of tamper protection as a setting to enable by default (this was also made a default setting in the Windows 11 security baseline two months ago).

When toggling on the Microsoft Security Baseline for Windows 10 21H2, Redmond urges admins to toggle on Defender for Endpoint’s tamper protection feature to protect against human-operated ransomware attacks.

Tamper protection does this by blocking attempts by ransomware operators or malware to disable OS security features and security solutions, a step attackers take to gain easier access to sensitive data and to deploy further malware or malicious tools.

Tamper protection automatically locks Microsoft Defender Antivirus using the default secure values, thwarting attempts to change them using the registry, PowerShell cmdlets, or group policies.

After enabling it, ransomware operators would have a considerably more challenging task when trying to:

  • Disable virus and threat protection
  • Disable real-time protection
  • Turn off behavior monitoring
  • Disable antivirus (such as IOfficeAntivirus (IOAV))
  • Disable cloud-delivered protection
  • Remove security intelligence updates
  • Disable automatic actions on detected threats

PrintNightmare and Edge Legacy

With the new Windows 10 21H2 security baseline, Redmond removed all Microsoft Edge Legacy settings after its EdgeHTML-based web browser reached end of support in March.

“Going forward, please use the new Microsoft Edge (Chromium-based) baseline, which is on a separate release cadence and available as part of the Microsoft Security Compliance Toolkit,” Munck added.

Microsoft also added a new setting to the MS Security…


NAVWAR Fleet Readiness Team to Increase Cyber Baseline Delivery, Ensuring Future Force Readiness – DVIDS


Cyber-War Gets Real – Baseline (blog)


Over the last few years, we've witnessed a wave of planted malware and cyber-attacks directed at governments, companies and other organizations. These range from the Stuxnet and Flame viruses infecting industrial control systems and computers in the


Top 10 Threat Predictions for 2014 – Baseline


During the past few years, security threats and actual breaches have grown exponentially. Malware has gone mainstream, social engineering has become far more sophisticated, high-profile database hacks have become disturbingly common, and distributed 
