Here's how Windows 11, Windows 10 21H2 can prevent PrintNightmare, ransomware attacks, more

Microsoft Defender Antivirus logo blue on blue background

Microsoft earlier today released its security baseline package for Windows 10 21H2 November 2021 update in the form of the Microsoft Security Configuration Toolkit. The toolkit provides a Microsoft-recommended security baseline in order to help administrators better manage various enterprise Group Policy Objects (GPOs), among other things, without compromising security.

Here's how Microsoft defines its Security Configuration Toolkit:

The Microsoft Security Configuration Toolkit enables enterprise security administrators to effectively manage their enterprise’s Group Policy Objects (GPOs). Using the toolkit, administrators can compare their current GPOs with Microsoft-recommended GPO baselines or other baselines, edit them, store them in GPO backup file format, and apply them via a domain controller or inject them directly into testbed hosts to test their effects.

The new baseline introduces several new policy settings like printer driver installation restrictions to prevent scenarios like the infamous PrintNightmare episode, and "Tamper Protection" that could help against "Human Operated Ransomware", among other threats. Besides these two, Edge Legacy settings have also been done away with under this new baseline.

In case of the new printer driver installation restriction, Microsoft says:

We have added a new setting to the MS Security Guide (Administrative Templates\Printers\Limits print driver installation to Administrators) and enforced the enablement. Note this setting was previously a custom setting in SecGuide.admx/l and has since moved inbox.

And when it comes to Tamper Protection, the feature, Microsoft says, can prevent a malware from:

  • Disabling virus and threat protection

  • Disabling real-time protection

  • Turning off behavior monitoring

  • Disabling antivirus (such as IOfficeAntivirus (IOAV))

  • Disabling cloud-delivered protection

  • Removing security intelligence updates

  • Disabling automatic actions on detected threats

This baseline was already released for Windows 11 back when the OS was made publicly available in October. Besides these policy setting changes, the Windows 11 baseline also adds the option for allowing Script Scanning.

You can find the link to download the Microsoft Security Compliance Toolkit 1.0 here.

Source: Microsoft (1), (2)

Report a problem with article
This is a screenshot from Deus Ex Mankind Divided
Next Article

DayZ and Deus Ex: Mankind Divided receive major discounts in this week's Deals with Gold

Second Extinction is free for today on the Epic Games Store
Previous Article

Second Extinction is free to claim on the Epic Games Store today

9 Comments - Add comment

Advertisement