Tamper Protection added to Windows Security
Microsoft has announced the general availability of Tamper Protection, a new feature within Windows Security designed to prevent malicious apps from circumventing the company's antivirus product.
The new feature will prevent other apps besides Windows Security from changing Windows Defender Antivirus settings including real-time protection and cloud-delivered protection.
It will be turned on by default on both the free version of Windows Defender and with the commercial version Microsoft Defender Advanced Threat Protection.
The Windows Security app will display a yellow warning if the feature is disabled by a system administrator.
Once the setting is enabled, malicious apps will not be able to disable virus and threat protection, behaviour monitoring, Windows Defender antivirus components, security intelligence updates or cloud-delivered antivirus protection.
The solution is designed to protect against malicious apps configuring settings in Regedit, changing settings through PowerShell scripts or editing or removing settings through group policies.
Microsoft has also issued an update to its security intelligence within Windows Security designed to alleviate the risk of Tamper Protection interfering with third-party security products or enterprise installation scripts designed to modify the settings.
The company noted that if the setting is switched on, administrators will no longer be able to turn off the Windows Defender Antivirus service by using the DisableAntiSpyware group policy key.
Robert H Dennard, the inventor of DRAM, has been awarded the semiconductor industry's top...
The Australian Cyber Security Centre is continuing to monitor the cyber threats posed by the...
Microsoft has announced a range of security enhancements aimed at providing "endpoint...