Microsoft announced the draft security baseline for Windows 10 and Windows Server, version 20H2, as well as its intention to include the “Block At First Sight” (BAFS) feature of Microsoft Defender Antivirus.
The Windows 10 security baseline allows security administrators to use Microsoft-recommended Group Policy Object (GPO) baselines to reduce the attack surface of Windows 10 and to strengthen the overall security posture of an enterprise's endpoints.
"A security baseline is a set of settings recommended by Microsoft that explains their impact on security," Microsoft explains. "These settings are based on feedback from Microsoft security teams, product groups, partners and customers."
"The baselines are designed for well-managed, security-driven organizations in which end-users do not have administrator privileges," said Microsoft Federal Customer Unit (CSU) consultant Rick Munck.
While the Microsoft Defender Antivirus BAFS capability first arrived with the release of Windows 10, version 1607, in August 2016, this is the first time that Microsoft intends to offer it as a default setting on enterprise endpoints.
When running on Windows 10 or Windows Server, BAFS will significantly reduce the time it takes for Microsoft Defender Antivirus to detect and block new malware, using cloud-based protection and machine learning.
The four prerequisite BAFS settings will be added to the "MSFT Windows 10 20H2 and Server 20H2 - Defender Antivirus" Group Policy once the final version of the security baseline is released.
With the new security baseline, Microsoft will also suggest that administrators enable additional attack mitigation rules, which will likewise be added to the "MSFT Windows 10 20H2 and Server 20H2 - Defender Antivirus" Group Policy.
The first, the "Use Advanced ransomware Protection" rule, is designed to automatically block anything that Defender Antivirus tags as malicious, unless it has been added to a list of exceptions.
With the release of Windows 10 20H2, administrators are also advised to apply the Microsoft Edge security baseline to their systems, since the new Chromium-based Edge browser ships as part of the operating system.
A list of all the changes that will be included in the final version of the baseline, based on reviewers' comments, is available in the Microsoft Security blog post.