Tamper Protection added to Windows Security

By Dylan Bushell-Embling
Tuesday, 15 October, 2019

Tamper Protection added to Windows Security

Microsoft has announced the general availability of Tamper Protection, a new feature within Windows Security designed to prevent malicious apps from circumventing the company's antivirus product.

The new feature will prevent other apps besides Windows Security from changing Windows Defender Antivirus settings including real-time protection and cloud-delivered protection.

It will be turned on by default on both the free version of Windows Defender and with the commercial version Microsoft Defender Advanced Threat Protection.

The Windows Security app will display a yellow warning if the feature is disabled by a system administrator.

Once the setting is enabled, malicious apps will not be able to disable virus and threat protection, behaviour monitoring, Windows Defender antivirus components, security intelligence updates or cloud-delivered antivirus protection.

The solution is designed to protect against malicious apps configuring settings in Regedit, changing settings through PowerShell scripts or editing or removing settings through group policies.

Microsoft has also issued an update to its security intelligence within Windows Security designed to alleviate the risk of Tamper Protection interfering with third-party security products or enterprise installation scripts designed to modify the settings.

The company noted that if the setting is switched on, administrators will no longer be able to turn off the Windows Defender Antivirus service by using the DisableAntiSpyware group policy key.

Image credit: ©iStockphoto.com/Federico Caputo

Related News

The IBM researcher who changed the world

Robert H Dennard, the inventor of DRAM, has been awarded the semiconductor industry's top...

ACSC urges vigilance over "concerning" cyber threats

The Australian Cyber Security Centre is continuing to monitor the cyber threats posed by the...

Microsoft may finally resolve the Macro threat

Microsoft has announced a range of security enhancements aimed at providing "endpoint...

  • All content Copyright © 2019 Westwick-Farrow Pty Ltd