Microsoft Extends Threat Protection Range

Dennis Snider

529 Posts

748 views

0

Having extended its antivirus protection to Mac OS in 2019, Microsoft is now reaching out further to provide enterprise security protection for other non-Windows operating systems. A Linux version is already on release, and an Android version is available for preview.

All the new protections are part of the Microsoft Advanced Threat Protection offering, and can only be used if you have Windows 10 Enterprise Edition. It is not entirely clear what the new protection will cost, but it seems to be between $30 and $72 for each machine per annum for Enterprise customers. If a machine is linked to Azure AD, then users can buy an additional Microsoft 365 ATP subscription for $5.20 per license (home users would require a $6 Intune license in addition).

The Linux preview appeared in February, offering anti-virus alerts and threat protection. Administrators were given the capacity to manage threats across networks using command lines.

The preview for Android showcase a number of protections including blocking of suspicious sites suspected of phishing, blocks that can apply right across networks; proactive scans for any malware or unnecessary applications/files on mobile devices; the capacity to block network resources if they appear to be affected. Links to the Microsoft Defender Security Centre are already accessible for Windows, Mac, and Linux.

Microsoft has also announced additional firmware protection with premium Microsoft Defender. This allows scanning of the Unified Extensible Firmware Interface, the mechanism which scans a computer at start-up to determine what hardware is present. Up to now, firmware infections were particularly difficult to deal with because they were centered in the core parts of machines, which made them very difficult to identify and meant that they could remain on a computer even when the operating system had been reinstalled.

There has been a certain amount of surprise that this new firmware protection is only available to enterprises for a premium fee. There are many other single users of computers that have vulnerabilities in terms of in-person attacks on their hardware, when a malicious actor briefly gains access to a computer and installs a virus to infect the machine’s firmware. At present it is unclear whether Microsoft have any plans to allow this new and extremely useful firmware protection to become available to more than just enterprise customers.