Microsoft Extends its ATP Defender Protection to UEFI BIOS With UEFI Scanner
Microsoft has announced an extension to the Windows Defender System Guard which will allow it to also verify and guarantee integryity of systems at a UEFI BIOS level. Citing an increase in hardware and firmware-level attacks over the years, the extended protection functionality aims to guarantee protection across the entire hierarchy of a device, from firmware up through to cloud processing.
The UEFI scanner is a new component of the built-in antivirus solution on Windows 10 and gives Microsoft Defender ATP the unique ability to scan inside of the firmware filesystem and perform security assessment. Working in conjunction with your systems' chipset, the UEFI scanner features a three-pronged solution to firmware security: UEFI anti-rootkit, which reaches the firmware through Serial Peripheral Interface (SPI); Full filesystem scanner, which analyzes content inside the firmware; and a Detection engine, which identifies exploits and malicious behaviors.
The UEFI scanner is a new component of the built-in antivirus solution on Windows 10 and gives Microsoft Defender ATP the unique ability to scan inside of the firmware filesystem and perform security assessment. Working in conjunction with your systems' chipset, the UEFI scanner features a three-pronged solution to firmware security: UEFI anti-rootkit, which reaches the firmware through Serial Peripheral Interface (SPI); Full filesystem scanner, which analyzes content inside the firmware; and a Detection engine, which identifies exploits and malicious behaviors.