Microsoft continues to focus on the security of its Windows platform, and its latest proposal aims to help system administrators determine whether the configuration they have applied matches the ideal one, using the settings recommended by Microsoft as a benchmark.

This is possible thanks to the Microsoft Security Compliance Toolkit, a set of configuration options developed on the basis of contributions from the company’s engineering teams but also from partners and customers.

Following in Windows 11's footsteps

This is a set of security options for Windows 10 21H2, created from the work of company engineers as well as users and partners. Offered under the name Microsoft Security Compliance Toolkit (available at this link), it seeks to improve computer security.

With these options, system administrators can check whether the configuration they applied is the same as the one recommended by Microsoft. These are baselines that the administrator can edit, adapt, or save in the GPO backup file format and then apply through a domain controller.

After the security configuration is applied, all legacy configurations are removed and new configurations are incorporated to address the PrintNightmare remote code execution vulnerability.

In addition, the Edge Legacy configuration has been removed from this new baseline, a restriction on printer driver installation has been added and, most importantly, tamper protection has been added as a setting to enable. By default, it is used to protect computers against human-operated ransomware attacks.

Tamper protection blocks attempts to: disable virus and threat protection; disable real-time protection; disable behavior monitoring; disable antivirus (such as IOfficeAntivirus (IOAV)); disable cloud-delivered protection; remove security intelligence updates; disable automatic actions on detected threats.

This feature thus reaches Windows 10 in the update launched in November, after its debut in Windows 11. It blocks attempts by different types of malware to disable the operating system's security functions by attacking Microsoft Defender Antivirus in order to more easily access confidential data or install other malware.

This system prevents any attempt to change these values through the Windows Registry, PowerShell cmdlets, or Group Policy, and makes it harder for malware to operate freely and disable real-time antivirus protection or security updates.
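One way to verify on an endpoint that tamper protection and the features it guards are actually on, as an added example that is not from the article or from Microsoft's toolkit. It uses the Defender cmdlets Get-MpComputerStatus and Get-MpPreference; the function name and the 7-day signature-age threshold are assumptions.

```powershell
# Added example: report the state of tamper protection and the Defender
# features it guards. Run in PowerShell on Windows 10/11 with Defender active.
function Get-DefenderProtectionReport {
    param(
        $Status     = (Get-MpComputerStatus),
        $Preference = (Get-MpPreference),
        [int]$MaxSignatureAgeDays = 7   # assumption: adjust to local policy
    )

    # Status property -> feature named in the article's list
    $checks = [ordered]@{
        IsTamperProtected         = 'Tamper protection'
        AntivirusEnabled          = 'Antivirus'
        RealTimeProtectionEnabled = 'Real-time protection'
        BehaviorMonitorEnabled    = 'Behavior monitoring'
        IoavProtectionEnabled     = 'IOAV (download/attachment scanning)'
    }

    $report = @(foreach ($prop in $checks.Keys) {
        [pscustomobject]@{
            Feature = $checks[$prop]
            Value   = $Status.$prop
            Ok      = ($Status.$prop -eq $true)
        }
    })

    # Cloud-delivered protection: MAPSReporting 0 means it is disabled
    $report += [pscustomobject]@{
        Feature = 'Cloud-delivered protection'
        Value   = $Preference.MAPSReporting
        Ok      = ($Preference.MAPSReporting -gt 0)
    }

    # Security intelligence updates: age of the antivirus signatures in days
    $report += [pscustomobject]@{
        Feature = 'Security intelligence age (days)'
        Value   = $Status.AntivirusSignatureAge
        Ok      = ($Status.AntivirusSignatureAge -le $MaxSignatureAgeDays)
    }

    $report
}

$result = Get-DefenderProtectionReport
$result | Format-Table -AutoSize
if ($result.Ok -contains $false) {
    Write-Warning 'One or more Defender protections are off or out of date.'
}
```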

These configurations are now available for download through the Microsoft Security Compliance Toolkit. The package includes the security baselines as Group Policy Object (GPO) reports and the scripts required to apply the settings to the local GPO.

Via | NeoWin