What is the UEFI Scanner that comes in Windows 10
Windows Defender, now officially called Microsoft Defender, it is becoming more and more powerful. So more and more users are using Microsoft Protection application replacing third-party protection software.
The latest antivirus tests show that Microsoft Defender performance has been aligned with the most powerful third-party security products.
But Microsoft does not stop there. Microsoft Defender Advanced Threat Protection (Microsoft ATP) has a UEFI scanner.
In other words, the Microsoft security application can now detect malware embedded in the device firmware, adding a new level of security to all devices running Windows 10.
Malware infected with malware is very difficult to detect, as the malware starts before the operating system starts and of course the security software. So in most cases, this malware cannot be detected.
Microsoft he says that the UEFI scanner was built with the help of chipset makers, who contributed insights, allowing Microsoft Defender ATP to scan the firmware file system to determine if there was a risk of malware.
The UEFI scanner comes with three key components: a scanner that can help detect exploits and malware, a complete file system scanner that carefully scans every piece of code within the firmware, and a UEFI Anti-Rootkit that uses the Serial Peripheral. Interface (from the Serial Peripheral Interface or simply SPI) to access the firmware.
When firmware-level malware is detected, the Microsoft Defender Security Center will display more information than a typical infected file.
Microsoft explains that the UEFI scanner is a natural evolution of all security enhancements to Microsoft Defender ATP, and that more and more such updates will be added.
Microsoft Defender is offered as the default security application on all Windows 10 devices, and when the operating system is installed, the anti-virus mechanism is activated automatically.