{"id":3393,"date":"2021-10-11T18:30:39","date_gmt":"2021-10-11T13:00:39","guid":{"rendered":"https:\/\/xiarch.com\/blog\/?p=3393"},"modified":"2021-10-11T18:30:41","modified_gmt":"2021-10-11T13:00:41","slug":"microsoft-facilitates-tamper-protection-to-windows-11-security-baseline","status":"publish","type":"post","link":"https:\/\/xiarch.com\/blog\/microsoft-facilitates-tamper-protection-to-windows-11-security-baseline\/","title":{"rendered":"Microsoft Facilitates Tamper Protection to Windows 11 Security Baseline"},"content":{"rendered":"\n<p><p style=\"text-align: justify;\">Microsoft has released the final version of the security configuration baseline settings for Windows 11, which can download today using the Microsoft Security Compliance Toolkit. \u201cTwo new settings have been added for this release (which were also added to the Windows Server 2022 release), a new Microsoft Defender Antivirus setting, and a custom setting for printer driver installation restrictions,\u201d Microsoft Security Consultant said.<\/p><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>User Operated Ransomware Protection by Default<\/strong><\/h2>\n\n\n\n<p><p style=\"text-align: justify;\">When enabling the Microsoft Security Baseline for Windows 11, Redmond urges the admin to ensure that Microsoft Defender for Endpoint\u2019s tamper security feature, which computes additional protection against human-operated ransomware attacks, is enabled.<\/p><\/p>\n\n\n\n<p><p style=\"text-align: justify;\">It does that by blocking attempts made by malware or attackers to disable security solutions and OS security features that would permit them to achieve easier access to critical information and set up malware or malicious tool.<\/p><\/p>\n\n\n\n<p><p style=\"text-align: justify;\">Tamper security deployment Microsoft Defender Antivirus using protection default values and hinders trials to change them through the registry, PowerShell cmdlets, or group policies.<\/p><\/p>\n\n\n\n<p><p style=\"text-align: justify;\">Once tamper protection is toggled on, ransomware operators would have a much more challenging task ahead of them when trying to:<\/p><\/p>\n\n\n\n<ul><li>Disable virus and threat protection<\/li><li>Disable real-time protection<\/li><li>Turnoff behavior monitoring<\/li><li>Disable antivirus like IOfficeAntivirus (IOAV)<\/li><li>Disable cloud-delivered protection<\/li><li>Remove security intelligence updates<\/li><\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>PrintNightmare and Edge Legacy Guidance<\/strong><\/h3>\n\n\n\n<p><p style=\"text-align: justify;\">With the new security baseline, Microsoft also added a new setting to the MS Security Guide custom administrative template to restrict printer driver installation to administrators.<\/p><\/p>\n\n\n\n<p><p style=\"text-align: justify;\">This new recommendation follows patches released in July 2021 to address the CVE-2021-34527 PrintNightmare remote code execution vulnerability in the Windows Print Spooler service.<\/p><\/p>\n\n\n\n<p><p style=\"text-align: justify;\">Microsoft also removed all Microsoft Edge Legacy settings after the EdgeHTML-based web browser reached the end of support in March and was removed from Windows 11.<\/p><\/p>\n\n\n\n<p><p style=\"text-align: justify;\">&#8216;Going forward, please use the new Microsoft Edge (Chromium-based) baseline, which is on a separate release cadence and available as part of the Microsoft Security Compliance Toolkit,&#8221; Munck said.<\/p><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Download and implement the security baseline<\/strong><\/h2>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-full\"><img decoding=\"async\" loading=\"lazy\" width=\"440\" height=\"268\" src=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/10\/Microsoft-Facilitates-Tamper-Protection-to-Windows-11-Security-Baseline-image1.png\" alt=\"Microsoft-Facilitates-Tamper-Protection-to-Windows-11-Security-Baseline-image1\" class=\"wp-image-3397\" srcset=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/10\/Microsoft-Facilitates-Tamper-Protection-to-Windows-11-Security-Baseline-image1.png 440w, https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/10\/Microsoft-Facilitates-Tamper-Protection-to-Windows-11-Security-Baseline-image1-300x183.png 300w\" sizes=\"(max-width: 440px) 100vw, 440px\" \/><\/figure><\/div>\n\n\n\n<p><p style=\"text-align: justify;\">Windows security baselines provide the admin with Microsoft-recommended security configuration baselines intended to conquer Windows systems&#8217; attack surface and boost the overall security posture of Windows enterprise endpoints.<\/p><\/p>\n\n\n\n<p><p style=\"text-align: justify;\">&#8220;A security baseline is a group of Microsoft-recommended configuration settings that explains their protection impact,&#8221; as Microsoft explains. &#8220;These settings are based on feedback from Microsoft security engineering teams, product groups, partners, and customers.&#8221;<\/p><\/p>\n\n\n\n<p><p style=\"text-align: justify;\">The Windows 11 protection baseline is prepared for download through the Microsoft Security Compliance Toolkit. It involves Group Policy Object (GPO) backups and reports, scripts to apply settings to the local GPO, and Policy Analyzer rules files.<\/p><\/p>\n\n\n\n<p><p style=\"text-align: justify;\">&#8220;Please download the content from the Microsoft Security Compliance Toolkit, test the approved arrangements, and customize \/ implement as appropriate,&#8221; Munck added.<\/p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft has released the final version of the security configuration baseline settings for Windows 11, which can download today using the Microsoft Security Compliance Toolkit. \u201cTwo new settings have been added for this release (which were also added to the Windows Server 2022 release), a new Microsoft Defender Antivirus setting, and a custom setting for [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":3396,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[15],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.11 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Microsoft Facilitates Tamper Protection to Windows 11 Security Baseline - Xiarch Solutions Private Limited<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/xiarch.com\/blog\/microsoft-facilitates-tamper-protection-to-windows-11-security-baseline\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft Facilitates Tamper Protection to Windows 11 Security Baseline - Xiarch Solutions Private Limited\" \/>\n<meta property=\"og:description\" content=\"Microsoft has released the final version of the security configuration baseline settings for Windows 11, which can download today using the Microsoft Security Compliance Toolkit. \u201cTwo new settings have been added for this release (which were also added to the Windows Server 2022 release), a new Microsoft Defender Antivirus setting, and a custom setting for [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/xiarch.com\/blog\/microsoft-facilitates-tamper-protection-to-windows-11-security-baseline\/\" \/>\n<meta property=\"og:site_name\" content=\"Xiarch Solutions Private Limited\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/xiarch\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-10-11T13:00:39+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-10-11T13:00:41+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/10\/Microsoft-Facilitates-Tamper-Protection-to-Windows-11-Security-Baseline-featured-image-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"525\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Xiarch Security\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@xiarch\" \/>\n<meta name=\"twitter:site\" content=\"@xiarch\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Xiarch Security\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/xiarch.com\/blog\/microsoft-facilitates-tamper-protection-to-windows-11-security-baseline\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/xiarch.com\/blog\/microsoft-facilitates-tamper-protection-to-windows-11-security-baseline\/\"},\"author\":{\"name\":\"Xiarch Security\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c\"},\"headline\":\"Microsoft Facilitates Tamper Protection to Windows 11 Security Baseline\",\"datePublished\":\"2021-10-11T13:00:39+00:00\",\"dateModified\":\"2021-10-11T13:00:41+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/xiarch.com\/blog\/microsoft-facilitates-tamper-protection-to-windows-11-security-baseline\/\"},\"wordCount\":447,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\"},\"articleSection\":[\"Infosec News\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/xiarch.com\/blog\/microsoft-facilitates-tamper-protection-to-windows-11-security-baseline\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/xiarch.com\/blog\/microsoft-facilitates-tamper-protection-to-windows-11-security-baseline\/\",\"url\":\"https:\/\/xiarch.com\/blog\/microsoft-facilitates-tamper-protection-to-windows-11-security-baseline\/\",\"name\":\"Microsoft Facilitates Tamper Protection to Windows 11 Security Baseline - Xiarch Solutions Private Limited\",\"isPartOf\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#website\"},\"datePublished\":\"2021-10-11T13:00:39+00:00\",\"dateModified\":\"2021-10-11T13:00:41+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/xiarch.com\/blog\/microsoft-facilitates-tamper-protection-to-windows-11-security-baseline\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/xiarch.com\/blog\/microsoft-facilitates-tamper-protection-to-windows-11-security-baseline\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/xiarch.com\/blog\/microsoft-facilitates-tamper-protection-to-windows-11-security-baseline\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/xiarch.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Microsoft Facilitates Tamper Protection to Windows 11 Security Baseline\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/xiarch.com\/blog\/#website\",\"url\":\"https:\/\/xiarch.com\/blog\/\",\"name\":\"Xiarch Solutions Private Limited\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/xiarch.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\",\"name\":\"Xiarch\",\"url\":\"https:\/\/xiarch.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png\",\"contentUrl\":\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png\",\"width\":300,\"height\":300,\"caption\":\"Xiarch\"},\"image\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/xiarch\/\",\"https:\/\/twitter.com\/xiarch\",\"https:\/\/www.linkedin.com\/company\/xiarch\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c\",\"name\":\"Xiarch Security\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g\",\"caption\":\"Xiarch Security\"},\"sameAs\":[\"https:\/\/xiarch.com\/blog\/\"],\"url\":\"https:\/\/xiarch.com\/blog\/author\/vector\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft Facilitates Tamper Protection to Windows 11 Security Baseline - Xiarch Solutions Private Limited","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/xiarch.com\/blog\/microsoft-facilitates-tamper-protection-to-windows-11-security-baseline\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft Facilitates Tamper Protection to Windows 11 Security Baseline - Xiarch Solutions Private Limited","og_description":"Microsoft has released the final version of the security configuration baseline settings for Windows 11, which can download today using the Microsoft Security Compliance Toolkit. \u201cTwo new settings have been added for this release (which were also added to the Windows Server 2022 release), a new Microsoft Defender Antivirus setting, and a custom setting for [&hellip;]","og_url":"https:\/\/xiarch.com\/blog\/microsoft-facilitates-tamper-protection-to-windows-11-security-baseline\/","og_site_name":"Xiarch Solutions Private Limited","article_publisher":"https:\/\/www.facebook.com\/xiarch\/","article_published_time":"2021-10-11T13:00:39+00:00","article_modified_time":"2021-10-11T13:00:41+00:00","og_image":[{"width":1000,"height":525,"url":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/10\/Microsoft-Facilitates-Tamper-Protection-to-Windows-11-Security-Baseline-featured-image-1.jpg","type":"image\/jpeg"}],"author":"Xiarch Security","twitter_card":"summary_large_image","twitter_creator":"@xiarch","twitter_site":"@xiarch","twitter_misc":{"Written by":"Xiarch Security","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/xiarch.com\/blog\/microsoft-facilitates-tamper-protection-to-windows-11-security-baseline\/#article","isPartOf":{"@id":"https:\/\/xiarch.com\/blog\/microsoft-facilitates-tamper-protection-to-windows-11-security-baseline\/"},"author":{"name":"Xiarch Security","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c"},"headline":"Microsoft Facilitates Tamper Protection to Windows 11 Security Baseline","datePublished":"2021-10-11T13:00:39+00:00","dateModified":"2021-10-11T13:00:41+00:00","mainEntityOfPage":{"@id":"https:\/\/xiarch.com\/blog\/microsoft-facilitates-tamper-protection-to-windows-11-security-baseline\/"},"wordCount":447,"commentCount":0,"publisher":{"@id":"https:\/\/xiarch.com\/blog\/#organization"},"articleSection":["Infosec News"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/xiarch.com\/blog\/microsoft-facilitates-tamper-protection-to-windows-11-security-baseline\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/xiarch.com\/blog\/microsoft-facilitates-tamper-protection-to-windows-11-security-baseline\/","url":"https:\/\/xiarch.com\/blog\/microsoft-facilitates-tamper-protection-to-windows-11-security-baseline\/","name":"Microsoft Facilitates Tamper Protection to Windows 11 Security Baseline - Xiarch Solutions Private Limited","isPartOf":{"@id":"https:\/\/xiarch.com\/blog\/#website"},"datePublished":"2021-10-11T13:00:39+00:00","dateModified":"2021-10-11T13:00:41+00:00","breadcrumb":{"@id":"https:\/\/xiarch.com\/blog\/microsoft-facilitates-tamper-protection-to-windows-11-security-baseline\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/xiarch.com\/blog\/microsoft-facilitates-tamper-protection-to-windows-11-security-baseline\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/xiarch.com\/blog\/microsoft-facilitates-tamper-protection-to-windows-11-security-baseline\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/xiarch.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Microsoft Facilitates Tamper Protection to Windows 11 Security Baseline"}]},{"@type":"WebSite","@id":"https:\/\/xiarch.com\/blog\/#website","url":"https:\/\/xiarch.com\/blog\/","name":"Xiarch Solutions Private Limited","description":"","publisher":{"@id":"https:\/\/xiarch.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/xiarch.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/xiarch.com\/blog\/#organization","name":"Xiarch","url":"https:\/\/xiarch.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png","contentUrl":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png","width":300,"height":300,"caption":"Xiarch"},"image":{"@id":"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/xiarch\/","https:\/\/twitter.com\/xiarch","https:\/\/www.linkedin.com\/company\/xiarch"]},{"@type":"Person","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c","name":"Xiarch Security","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g","caption":"Xiarch Security"},"sameAs":["https:\/\/xiarch.com\/blog\/"],"url":"https:\/\/xiarch.com\/blog\/author\/vector\/"}]}},"_links":{"self":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/3393"}],"collection":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/comments?post=3393"}],"version-history":[{"count":1,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/3393\/revisions"}],"predecessor-version":[{"id":3398,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/3393\/revisions\/3398"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/media\/3396"}],"wp:attachment":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/media?parent=3393"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/categories?post=3393"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/tags?post=3393"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}