At this time the security baseline will move MS Security Guide\LSA Protection to a value of enabled.Ī new rule Block abuse of exploited vulnerable signed drivers is now included as part of the operating system baselines as part of the Microsoft Defender Antivirus GPO. LSA protection was first introduced in the Windows 8.1 security baseline, as part of the original Pass-the-Hash mitigations. The work of creating and deploying registry keys is now included in the security baseline until the setting becomes inbox to Windows.Īdditional Local Security Authority (LSA) protection provides defense by running LSA as a protected process. Configure RPC packet level privacy setting for incoming connections has been added to SecGuide.ADMX as a result of CVE-2021-1678 and is set to Enabled as part of the baseline.The explanatory text in the MS Security Guide is updated to point users to the new location. However, since both settings write to the same location, the configured values still appear in both locations. This policy is now contained within the OS, and the MS Security Guide setting is deprecated. Limit print driver installation to Administrators was introduced to the security baselines as part of the SecGuide.ADMX before an inbox policy was available.For Windows 10, version 22H2 this setting is not yet available natively, therefore we have created the setting and added it to the SecGuide.ADMX. The security baseline is to configure this setting to Enabled with the option of Limit queue-specific files to color profiles. This setting allows standard color profile processing using the inbox mscms.dll executable and nothing else. Manage processing of queue-specific files (also called CopyFilesPolicy) was first introduced as a registry key in response to CVE-2021-36958 in September of 2021.The setting Configure Redirection Guard is now Enabled as part of the baseline. RedirectionGuard is a security measure that prevents the use of non-administratively created redirection primitives from being followed within a given process. Support for RedirectionGuard is added to the print service.Changes have been made for additional protections around driver security, credential theft, printers, and account lockout. This release includes numerous changes to further assist in the security of enterprise customers. Please download the content from the Microsoft Security Compliance Toolkit, test the recommended configurations, and customize / implement as appropriate. Microsoft is pleased to announce the release of the security baseline package for Windows 10, version 22H2!
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |