Windows 10 20H2 faster malware detection
Microsoft has announced the draft basic security version for Windows 10 and Windows Server, version 20H2, as well as the intention to include the "Block At First Sight" feature of Microsoft Defender Antivirus (BAFS).
Η security base line Windows 10 allows security administrators to use the Microsoft Civil Protection Object Lines (GPOs) recommended by Microsoft to reduce attacks on Windows 10 and enhance the overall security endpoint of a business endpoints.
"A security line is a set of settings recommended by Microsoft that explains their impact on security." he explains Microsoft. "These settings are based on feedback from Microsoft security teams, product groups, partners and customers."
"The baselines are designed for well-managed, security-driven organizations in which end-users do not have administrator privileges." said Microsoft Federal Customer Unit (CSU) consultant Rick Munck.
While the possibility Microsoft Defender Antivirus BAFS first came out with the release of Windows 10, version 1607 in August 2016, it is the first time that Microsoft intends to offer it as a default corporate setting.
When running on Windows 10 or Windows Server, BAFS will significantly reduce the time it takes for Microsoft Defender Antivirus to detect and block new malware using cloud-based protection and Microsoft Learning.
The four BAFS prerequisites will be added to the "MSFT Windows 10 20H2 and Server 20H2 - Defender Antivirus" group policy as soon as the final version of the initial security line is released.
With the new security line, Microsoft will also suggest that administrators enable additional attack mitigation rules that will also be added to Group Policy "MSFT Windows 10 20H2 and Server 20H2 - Defender Antivirus".
The first, the "Use Advanced ransomware Protection" rule, is designed to automatically exclude any Defender Antivirus tags as malicious, unless added to a list of exceptions.
With the release of Windows 10 20H2, administrators are advised to apply the line Microsoft Edge security in their systems, seeing that the new Chromium-based Edge browser comes as part of the operating system.
A list of all the changes that will be included in the final version of the baseline based on the auditors' comments is available in the post blog Microsoft Security.