Microsoft Now Enables Windows 10 Tamper Protection By Default

Corrine · Oct 14, 2019

From Twitter: Microsoft Security Intelligence on Twitter: "Tamper protection, a new feature that prevents malicious or unauthorized changes to security features, is now generally available for Microsoft Defender ATP customers and enabled by default for home users. Learn what this means and how you can deploy: https://t.co/rk0H3z7gUF https://t.co/PEqCOADVdP" / Twitter

Also see Microsoft Now Enables Windows 10 Tamper Protection By Default:

With the Windows Defender becoming a reliable antivirus solution and further security enhancements being added to Windows 10, malware has increasingly made efforts to bypass it.

This is done by attempting to turn off or reduce the functionality of Windows Defender through PowerShell commands, group policies, or Registry modifications.

For example, over the past 4 months we have seen TrickBot, GootKit, and the Nodersok Trojans make a concerted effort to bypass Windows Defender in order to remain resident on an infected computer or to bypass its protections.

To enable Tamper Protection, go to Settings > Windows Security > Virus & Threat Protection and click "Manage Settings". Scroll down to the "Tamper Protection" setting to enable.

Search

Search

Microsoft Now Enables Windows 10 Tamper Protection By Default

Corrine

Administrator,
Microsoft MVP,
Security Analyst

Microsoft Now Enables Windows 10 Tamper Protection By Default

Corrine

Administrator, Microsoft MVP, Security Analyst

Administrator,
Microsoft MVP,
Security Analyst