Microsoft has finally released Windows 10, version 21H2 security baseline package. While this is an important update, we should point out that it does not bring a lot of new policy settings. This new update brings to the table a single setting that was designed for printer driver installation restrictions. This was added to Windows 11 as well, so nothing unique. When it comes down to Microsoft Edge Legacy settings, this has been removed 100 percent, and that’s a good thing for the future.
Security baseline for Windows 10 v 21H2 available
This Windows 10 feature update brings very few new policy settings. One setting has been added for this release for printer driver installation restrictions (which was also added to the Windows 11 release). Additionally, all Microsoft Edge Legacy settings have been removed.
Restrict Driver Installations
Back in July of this year, Microsoft released a patch for CVE-2021-34527, which is also known as “PrintNightmare”. The company says it added a new setting to the Microsoft Security Guide (Administrative TemplatesPrintersLimits print driver installation to Administrators) and enforced the enablement. Brar in mind that previously, this setting was custom in SecGuide.admx/l, but so far, it has been removed to inbox.
About Microsoft Edge Legacy
Back on March 9, 2021, Microsoft Edge Legacy came to an end where support is concerned. Because of this, the software giant ensured it did not come as part of the Windows 10 21H2 package. Your best option right now is to use the Chromium-based version of Microsoft Edge for best performance on the web.
About Tamper Protection
From the official blog post, Microsoft has made it clear that when you choose to turn on Microsoft Security Baseline, ensure you’ve enabled Microsoft Defender for Endpoint’s “Tamper Protection” in order to add an extra layer of protection against Human Operated Ransomware.
For those from the enterprise, you should download “The Microsoft Security Compliance Toolkit, test the recommended configurations, and customize/implement as appropriate.”