Microsoft Releases Windows 10 Version 21H2 Security Baseline With Tamper Protection And More
Microsoft has announced the release of a new security baseline package for Windows 10 version 21H2. The Redmond giant detailed that the latest Windows 10 security baseline brings several new policy settings to help enterprise customers prevent PrintNightmare, ransomware attacks, and other security threats.
Windows 10 Version 21H2 security baseline with Microsoft Defender Tamper Protection
First up, Microsoft has added a new Tamper Protection setting that essentially secures Microsoft Defender Antivirus by preventing ransomware operators from automatically turning off certain OS security features on Windows 10 PCs via PowerShell commands, the registry, as well as Group Policy.
The list includes behavior monitoring, real-time protection, automated threat response mechanisms, virus and threat protection, as well as cloud-delivered protection. It can also help to prevent malware from removing security intelligence updates from Windows 10 devices.
Restrict the installation of printers to address PrintNightmare
The new security baseline package also introduces a setting that should enable IT Admins to restrict the installation of printer drivers. This change aims to address the PrintNightmare remote code execution vulnerability that impacts the Windows Print Spooler service in enterprise environments.
“We have added a new setting to the MS Security Guide (Administrative Templates\Printers\Limits print driver installation to Administrators) and enforced the enablement. Note this setting was previously a custom setting in SecGuide.admx/l and has since moved inbox,” the company explained.
Last but not least, Microsoft has removed all Microsoft Edge Legacy features from the new Windows 10 21H2 security baseline package. The company has advised customers to switch to the new Chromium-based Edge browser.
To get started, download the Microsoft Security Compliance Toolkit. If you’re interested, we invite you to check out the Microsoft Security Baselines blog to read more about the new Windows 10 21H2 security baseline.
More in Windows 10
Windows 11 to Add New Multi-App Kiosk Mode for IT Admins
Jul 29, 2022 | Rabia Noureen
Microsoft Retires Windows Information Protection in Favor of New Purview Service
Jul 22, 2022 | Rabia Noureen
How to Use the Icacls Command to Manage File Permissions
Jul 20, 2022 | Michael Reinders
July Patch Tuesday Updates Fix 84 Vulnerabilities and LDAP Gets TLS 1.3
Jul 13, 2022 | Laurent Giret
Microsoft's New Windows Autopatch Service is Now Generally Available
Jul 12, 2022 | Rabia Noureen
What’s New with Windows – June 2022
Jul 5, 2022 | Russell Smith
Most popular on petri