Posted on Friday, June 19 2020 @ 15:38 CEST by Thomas De Maesschalck
Microsoft announces it added a new Unified Extensible Firmware Interface (UEFI) scanner to its enterprise-level Defender Advanced Threat Protection (Defender ATP) security tool. This will protect Windows 10 users against firmware attacks.
Windows Defender System Guard helps defend against firmware attacks by providing guarantees for secure boot through hardware-backed security features like hypervisor-level attestation and Secure Launch, also known as Dynamic Root of Trust (DRTM), which are enabled by default in Secured-core PCs. The new UEFI scan engine in Microsoft Defender ATP expands on these protections by making firmware scanning broadly available.
The UEFI scanner is a new component of the built-in antivirus solution on Windows 10 and gives Microsoft Defender ATP the unique ability to scan inside of the firmware filesystem and perform security assessment. It integrates insights from our partner chipset manufacturers and further expands the comprehensive endpoint protection provided by Microsoft Defender ATP.
Details on how it works can be found
at the Microsoft Security blog.
