What is the UEFI Scanner that comes in Windows 10

The Windows Defender, που τώρα ονομάζεται επίσημα Microsoft Defender, it is becoming more and more powerful. So more and more users are using Microsoft Protection application replacing third-party protection software.

The latest antivirus tests show that Microsoft Defender performance has been aligned with the most powerful third-party security products.

But Microsoft does not stop there. Microsoft Defender Advanced Threat Protection (Microsoft ATP) has a UEFI scanner.

In other words, the Microsoft security application can now detect malware embedded in the device firmware, adding a new level of security to all devices running Windows 10.

Malware infected with malware is very difficult to detect, as the malware starts before the operating system starts and of course the security software. So in most cases, this malware cannot be detected.

Microsoft he says that the UEFI scanner was built with the help of chipset makers, who contributed insights, allowing Microsoft Defender ATP to scan the firmware file system to determine if there was a risk of malware.

UEFI Scanner comes with three important components namely one machine detection that can help find exploits and malicious behavior, a full file system scanner that carefully checks every piece of code inside the firmware, and a UEFI Anti-Rootkit that uses the Serial Peripheral Interface (from Serial Peripheral Interface or simply SPI) to access to firmware.

When firmware-level malware is detected, the Microsoft Defender Security Center will display more information than a typical infected file.

Microsoft explains that the UEFI scanner is a physical development of all security improvements to Microsoft Defender ATP and that more such updates will be added.

Microsoft Defender is offered as the default security application on all Windows 10 devices, and when the operating system is installed, the anti-virus mechanism is activated automatically.