Security News > 2021 > December > Windows 10 21H2 adds ransomware protection to security baseline

Microsoft has released the final version of security configuration baseline settings for Windows 10, version 21H2, available today from the Microsoft Security Compliance Toolkit.
The highlight of the new Windows 10 security baseline is the addition of tamper protection as a setting to enable by default.
When toggling on the Microsoft Security Baseline for Windows 10 21H2, Redmond urges admins to toggle on Defender for Endpoint's tamper protection feature to protect against human-operated ransomware attacks.
Now available for download. Windows security baselines provide Microsoft-recommended security configurations which reduce Windows systems' attack surface and increase the overall security posture of enterprise endpoints.
The Windows 10 21H2 security baseline is now available for download via the Microsoft Security Compliance Toolkit, and it includes Group Policy Object backups and reports, the scripts needed to apply settings to the local GPO, as well as Policy Analyzer rules.
More info on the changes that the new Windows 10 21H2 security baseline comes with is available in this Microsoft Security Baselines blog post.
News URL
Related news
- Bad luck, Windows 10 users. No fix yet for ransomware-exploited bug (source)
- M365 apps on Windows 10 to get security fixes into 2028 (source)
- Security shop pwns ransomware gang, passes insider info to authorities (source)
- WinRAR flaw bypasses Windows Mark of the Web security alerts (source)
- YES3 Scanner: Open-source S3 security scanner for public access, ransomware protection (source)
- Windows 10 KB5055518 update fixes random text when printing (source)
- Microsoft: Windows CLFS zero-day exploited by ransomware gang (source)
- PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware (source)
- Microsoft: Windows CLFS Vulnerability Could Lead to ‘Widespread Deployment and Detonation of Ransomware’ (source)
- Microsoft: Windows 'inetpub' folder created by security fix, don’t delete (source)