Microsoft Defender ATP protection adds UEFI scanner feature
Under normal circumstances, as long as the common types of viruses are found in time, it is relatively easy to kill, but some viruses are relatively more powerful in terms of technical solutions.
For example, an advanced virus that specifically targets the system firmware is not easy to be killed. The main reason is that the virus has been lurking in the system firmware.
The most typical of these viruses is the advanced virus that is infected by UEFI firmware, and now Microsoft has begun to target and kill such advanced viruses.
Microsoft has recently updated the Microsoft Defender ATP protection. This update brings a variety of different security measures to harden the system.
This includes stubborn virus detection and the killing of UEFI firmware. New components added by Microsoft can be scanned directly through the serial peripheral device interface to the system firmware.
Microsoft said that the new UEFI firmware scanner integrates Microsoft’s rich security technology, which can provide a full range of security from chip to cloud.
For enterprise organizations that have deployed Microsoft Defender ATP, the administrator will also receive a reminder when they receive similar virus infections and conduct killing.
The enterprise security team can collect and trace the virus infection process based on these alarm activities to ensure that the enterprise computers and internal networks are not threatened by security.
Microsoft said that if the hardware device itself supports security features such as a secure boot or device certification, Microsoft Defender ATP can also be seamlessly integrated.
With the help of the UEFI scanner in Microsoft Defender ATP, you can gain an in-depth understanding of firmware-level threats, and the security team can use it to detect such threats.