Home » Technology » Microsoft » Windows » Security Baseline For Windows 10 22H2 Is Released

Security Baseline For Windows 10 22H2 Is Released

Windows 10 22H2

With the launch of the new Windows 10 version 22H2, Microsoft has released an update for the security baseline. There are other changes for printers, as well as improved LSA protection. There is also new help against brute force attacks.

The Windows security team is now reporting this in a blog post from the tech community. The new Windows 10 version 22H2 now adds new protective measures to the so-called security baseline.

The Security Baseline in Windows 10 contains a basic collection of recommended security settings for group policies in Windows. According to Microsoft, these settings can be used to suppress a large proportion of the dangers associated with malicious code and attempts at manipulation.

In addition, the Security Baseline contains a number of recommended configurations for protecting privacy and data protection in general.

Microsoft has now released the updated version of the basic settings of this Windows 10 22H2 security configuration. The updated collection is now available through the Microsoft Security Compliance Toolkit. We’ve translated and summarized the changes:

Microsoft informs:

  • This release includes numerous changes to further support the security of enterprise customers. Changes have been made to provide additional protection in the areas of driver security, credential theft, printers, and account lockout.

Printer

  • Among other things, there is new support for “RedirectionGuard”. RedirectionGuard is a security measure that prevents the use of non-administratively created redirects from being tracked within a given process.
  • In addition, a revised CopyFilesPolicy starts. This was introduced as a registry key in response to the CVE-2021-36958 vulnerability in September 2021 and has now been improved. There are also two changes for the print queue and for incoming connections.

Protection against credential theft

  • Additional LSA (Local Security Authority) protection: LSA now runs as a protected process by default.

Attack surface reduction

  • A new rule aims to limit the abuse of exploited vulnerable signed drivers. This rule applies to both the client and server and prevents an application from writing a vulnerable signed driver to disk.

Account Lockout Policies

  • Added a new policy ‘Allow account lockout for administrators’ under Security Settings\Account Policies\Account Lockout Policy to mitigate brute force authentication attacks.

Other changes

  • In this release, a discrepancy between the Security Baseline documentation and the associated group policy for Microsoft Defender Antivirus settings has been resolved.