HomeWinBuzzer NewsMicrosoft Defender ATP Gets UEFI Scanner to Protect Against Firmware-Level Attacks

Microsoft Defender ATP Gets UEFI Scanner to Protect Against Firmware-Level Attacks

Microsoft Defender ATP now includes a Unified Extensible Firmware Interface (UEFI) scanner for Windows 10 users.

-

Microsoft wants to combat firmware and hardware cyber attacks more efficiently. To reach its goal, the company has revealed a Unified Extensible Firmware Interface (UEFI) scanner on Microsoft Defender ATP.

In a blog post, Microsoft describes the UEFI scanner has a tool that can scan firmware filesystems while performing security checks. Now part of Microsoft Defender ATP, the scanner will be a built-in part of Windows 10.

“Hardware and firmware-level attacks have continued to rise in recent years, as modern security solutions made persistence and detection evasion on the operating system more difficult. Attackers compromise the boot flow to achieve low-level malware behavior that's hard to detect, posing a significant risk to an organization's security posture.”

Microsoft points out the tool was created with help from partner chipset manufacturers. It is designed to build upon existing endpoint protection tools on Microsoft Defender ATP.

Boosting Capabilities

The service already has Windows Defender System Security guard to protect Windows 10 through secure boot features. This tool helps users to avoid firmware attacks. By combining the UEFI scanner with System Guard, Microsoft says Defender ATP can add even more secure boot protection.

Some of the fundamental components of the new scanner include:

  • “UEFI anti-rootkit, which reaches the firmware through Serial Peripheral Interface (SPI)
  • Full filesystem scanner, which analyzes content inside the firmware
  • Detection engine, which identifies exploits and malicious behaviors”

When issues are found, Microsoft Defender ATP will surface them in . Users can locate these notifications through the Settings app, Windows Security, and then Protection history. Furthermore, alerts will also be added to Microsoft Defender Security Center.

SourceMicrosoft
Luke Jones
Luke Jones
Luke has been writing about Microsoft and the wider tech industry for over 10 years. With a degree in creative and professional writing, Luke looks for the interesting spin when covering AI, Windows, Xbox, and more.

Recent News

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x
Mastodon