Microsoft has asked users to activate Microsoft Defender for Endpoints Tamper-proof function to protect against ransomware campaigns because it released the final version of its basic security configuration settings for Windows 11.
Microsoft helps businesses navigate the ocean of security-related settings and editable settings by providing guidance in the form of security baselines.
As part of its advice for Windows 11, the software giant asked its users to turn on the tamper protection feature to prevent malicious actors from bypassing the installation’s security features.
“While you are activating Microsoft Security Baseline for Windows 11 (and / or Windows 10 and / or Windows Server 2022/2019/2016), be sure to activate Microsoft Defender for Endpoint’s”Self-protection“To add a layer of protection against human-operated ransomware”, Noted Microsoft security consultant Rick Munck.
Munck directed users to the Microsoft Security Compliance Toolkit 1.0, which allows corporate security administrators to download, analyze, test, modify, and store Microsoft-recommended security configuration baselines, while comparing them to d ‘other security configurations.
As part of this release, Microsoft suggests that users turn on the Defenders Tamper Protection feature.
“Bad actors like to disable your security features to more easily access your data, to install malware, or to otherwise use your data, identity and devices. Protection against tampering helps prevent this kind of thing from happening ”, Explain Microsoft.
Protection against tampering works by ensuring Defenders secure, the defaults are locked and cannot be changed through Registry Editor, PowerShell cmdlets, or Group Policy, which are typically exploited by malware to disable security protections.
- Microsoft adds tamper protection to Windows 11 security base
- Microsoft recommends an important security feature of Windows 11
- Windows 11 users could be set up for a major security upgrade
- Microsoft Defender for Identity to detect Windows Bronze Bit attacks
- Microsoft shares interim fix for ongoing Office 365 zero-day attacks