Microsoft Defender ATP gets new UEFI scanner


Published on June 17, 2020


Microsoft Defender Advanced Threat Protection, Microsoft’s preventive technology designed to help enterprise users detect and respond to security threats, is getting a new UEFI scanner to protect against hardware attacks. In a blog post today, Microsoft announced that it’s expanding the protection capabilities of Microsoft Defender ATP to the firmware level by introducing a new Unified Extensible Firmware Interface (UEFI) scanner.

The new UEFI scanner interacts with the motherboard chipset by reading the firmware file system at runtime. “The UEFI scanner is a new component of the built-in antivirus solution on Windows 10 and gives Microsoft Defender ATP the unique ability to scan inside of the firmware filesystem and perform security assessment. It integrates insights from our partner chipset manufacturers and further expands the comprehensive endpoint protection provided by Microsoft Defender ATP,” explained the Microsoft Defender ATP Team.

According to Microsoft, the UEFI scanner uses various new solution components including the UEFI anti-rootkit, full filesystem scanner, and detection engine in order to perform dynamic analysis for threat detection. Microsoft Defender ATP customers will get the threat detection alerts in the Microsoft Defender Security Center, and they can then analyze them to respond to suspicious activities at the firmware level in their organizational environments. Moreover, your security operations teams can hunt for these threats with the help of the advanced hunting capabilities in Microsoft Defender ATP.

Overall, this is a welcome change for companies using Windows Defender ATP, and it should beef up Microsoft’s efforts to protect its enterprise customers. “With its UEFI scanner, Microsoft Defender ATP gets even richer visibility into threats at the firmware level, where attackers have been increasingly focusing their efforts on,” said the Microsoft Defender ATP Team today. “Security operations teams can use this new level of visibility, along with the rich set of detection and response capabilities in Microsoft Defender ATP, to investigate and contain such advanced attacks.”

Radu Tyrsina
