Last Update: Sep 04, 2024 | Published: Dec 22, 2021
Microsoft has announced the release of a new security baseline package for Windows 10 version 21H2. The Redmond giant detailed that the latest Windows 10 security baseline brings several new policy settings to help enterprise customers prevent PrintNightmare, ransomware attacks, and other security threats.
First up, Microsoft has added a new Tamper Protection setting that essentially secures Microsoft Defender Antivirus by preventing ransomware operators from automatically turning off certain OS security features on Windows 10 PCs via PowerShell commands, the registry, as well as Group Policy.
The list includes behavior monitoring, real-time protection, automated threat response mechanisms, virus and threat protection, as well as cloud-delivered protection. It can also help to prevent malware from removing security intelligence updates from Windows 10 devices.
The new security baseline package also introduces a setting that should enable IT Admins to restrict the installation of printer drivers. This change aims to address the PrintNightmare remote code execution vulnerability that impacts the Windows Print Spooler service in enterprise environments.
“We have added a new setting to the MS Security Guide (Administrative TemplatesPrintersLimits print driver installation to Administrators) and enforced the enablement. Note this setting was previously a custom setting in SecGuide.admx/l and has since moved inbox,” the company explained.
Last but not least, Microsoft has removed all Microsoft Edge Legacy features from the new Windows 10 21H2 security baseline package. The company has advised customers to switch to the new Chromium-based Edge browser.
To get started, download the Microsoft Security Compliance Toolkit. If you’re interested, we invite you to check out the Microsoft Security Baselines blog to read more about the new Windows 10 21H2 security baseline.