Windows 10 gains ransomware protection in new native security options

Windows Security Base Settings are options recommended by Microsoft, made with the goal of reducing potential surfaces of abuse by threats in the operating system and improving protection for both corporate devices and ordinary users, thus avoiding potential data leaks or other types of virtual attacks.

The new update brings the addition of tamper blocking as a setting that is enabled by default. When enabled, protection occurs by disabling the ability of ransomware operators to tamper with Windows 10 security tools and settings, either in Defender Antivirus or through PowerShell commands.

As a result, it is difficult for ransomware agents to perform the following steps, which makes implementing these attacks more complex:

• disable computer protection, be it antivirus, cloud or real-time;
• disable monitoring of CPU activities;
• remove updates that fix crashes;
• Disable automatic actions when threats are detected by security solutions.

Other changes

The new default security settings in Windows 10 also removed support for Microsoft Edge Legacy after versions of EdgeHTML ended support in March 2021. Microsoft recommends that users using the old browser start using the security settings for Chromium-based browsers, also available in Microsoft Security Compliance Tools ;

Finally, the update also brings a new setting to Microsoft’s security guide that allows only users with administrator privileges to install printer drivers, in a possible attempt to avoid attacks like the infamous nightmare print.

The technical guide on how to download the update and more details about each new feature can be found in the post at Official Microsoft Blog.

source: Microsoft