The Windows Defender, now officially called Microsoft Defender, it is becoming more and more powerful. So more and more users are using the app protectionof Microsoft replacing third-party protection software.
The latest antivirus tests show that Microsoft Defender performance has been aligned with the most powerful third-party security products.
But Microsoft does not stop there. Microsoft Defender Advanced Threat Protection (Microsoft ATP) has a UEFI scanner.
In other words, the Microsoft security application can now detect malware embedded in the device firmware, adding a new level of security to all devices running Windows 10.
Malware infected firmware is very difficult to detect as the malware starts before the operating system boots and of course the security software. So, in most cases, this malware cannot be detected.
Microsoft he says that the UEFI scanner has been built with help from the manufacturers of chipset, who contributed insights, allowing Microsoft Defender ATP to scan the system files of the firmware to determine if there is a risk of malware or not.
The UEFI scanner comes with three key components: a scanner that can help detect exploits and malware, a complete file system scanner that carefully scans every piece of code within the firmware, and a UEFI Anti-Rootkit that uses the Serial Peripheral. Interface (from the Serial Peripheral Interface or simply SPI) to access the firmware.
When firmware-level malware is detected, the Microsoft Defender Security Center will display more information than a typical infected file.
Microsoft explains that the UEFI scanner is a physical development of all security improvements to Microsoft Defender ATP and that more such updates will be added.
Microsoft Defender is offered as the default security application on all Windows 10 devices, and when the operating system is installed, the anti-virus mechanism is activated automatically.
Not so upgraded. In two programs that I downloaded and put it to search did not find anything. When I went to install them, Comodo did not let me. I only have the firewall. Note that I have no other antibiotic.