With the Security Baseline for Windows 10 21H2, Microsoft has published new guidelines that restrict printer driver installations. This should provide more security against vulnerabilities such as PrintNightmare. Edge legacy settings have also been removed.
The Windows security team is now reporting this in a blog post for the tech community. The latest Windows 10 version 21H2 now adds new ransomware protection to the so-called security baseline. The security baseline contains a collection of recommended security settings for group policies in Windows. According to Microsoft, these settings are intended to suppress a large part of the dangers related to malicious code and manipulation attempts. In addition, there are a number of recommended configurations in the Security Baseline for protecting privacy and data protection in general.
Microsoft now has the final version of the basic settings for this security configuration of Windows 10 21H2. The updated collection is available immediately through the Microsoft Security Compliance Toolkit.
This Windows 10 feature update brings very few new policy settings with it. A setting was added for this version to restrict the installation of printer drivers (this was also added in the Windows 11 version). Also, all Microsoft Edge legacy settings have been removed.
A Knowledge Base article and patch for CVE-2021-34527, better known as PrintNightmare, was released in July. We have added a new setting to the MS security guide (Administrative Templates \ Printers \ Restriction of printer driver installation to administrators) and forced activation. Note that this setting was previously a custom setting in SecGuide.admx / l and has since been moved to the inbox.
Microsoft Edge Legacy (EdgeHTML-based) reached the end of support on March 9, 2021, and is not part of Windows 10 21H2. As a result, the settings that supported it have been removed from the baseline. Please use the new Microsoft Edge baseline (Chromium-based) in the future, which is available in a separate release cycle and as part of the Microsoft Security Compliance Toolkit.
The highlight of the new Windows 10 security baseline, however, is the addition of tamper protection as a setting to be activated by default (this was also set as the default setting in the Windows 11 security baseline two months ago). When activating the Microsoft Security Baseline for Windows 10 21H2, Redmond prompts administrators to enable the tamper protection feature of Defender for Endpoint to protect themselves from human-carried ransomware attacks.
This function blocks attempts by ransomware operators or malware to disable security functions of the operating system and other security solutions in order to gain easier access to sensitive data and to install further malware or malicious tools.
Tamper Protection automatically blocks Microsoft Defender Antivirus and prevents attempts to change it through the registry, PowerShell cmdlets, or Group Policy.
Digital marketing enthusiast and industry professional in Digital technologies, Technology News, Mobile phones, software, gadgets with vast experience in the tech industry, I have a keen interest in technology, News breaking.