Security News > 2020 > June > Microsoft Defender ATP Gets UEFI Scanner

Microsoft has extended the protection capabilities of Microsoft Defender Advanced Threat Protection with the addition of a Unified Extensible Firmware Interface scanner.

With hardware and firmware-level attacks increasing in frequency over the past several years, Microsoft has decided to expand its security solution's capabilities to ensure it can continue to keep users secure.

"Firmware scanning is orchestrated by runtime events like suspicious driver load and through periodic system scans. Detections are reported in Windows Security, under Protection history," Microsoft explains.

These detections will also be available for Microsoft Defender ATP customers in Microsoft Defender Security Center, to enable fast investigation and response to firmware attacks and suspicious activities at the firmware level.

"With its UEFI scanner, Microsoft Defender ATP gets even richer visibility into threats at the firmware level, where attackers have been increasingly focusing their efforts on. [] This level of visibility is also available in Microsoft Threat Protection, which delivers an even broader cross-domain defense that coordinates protection across endpoints, identities, email, and apps," Microsoft concludes.

News URL

http://feedproxy.google.com/~r/Securityweek/~3/IbuUdSdhGQQ/microsoft-defender-atp-gets-uefi-scanner