Microsoft details Tamper Protection in Windows Defender April 2019 Update

Reading time icon 2 min. read


Readers help support MSPoweruser. When you make a purchase using links on our site, we may earn an affiliate commission. Tooltip Icon

Read the affiliate disclosure page to find out how can you help MSPoweruser effortlessly and without spending any money. Read more

Microsoft defender

In a blog post Microsoft detailed a new feature in Microsoft’s security product Windows Defender ATP.

Tamper Protection is a new setting available in the Windows Security app which provides additional protections against changes to key security features, including limiting changes that are not made directly through the app.

The feature is available to both home and enterprise users (where it would be managed centrally via Intune) and has been in testing by Windows 10 Insiders for around 2 months now.

When enabled other (possibly malicious) apps will be prevented from changing:

  • Real-time protection, which is the core antimalware scanning feature of Microsoft Defender ATP next-gen protection and should rarely, if ever, be disabled
  • Cloud-delivered protection, which uses our cloud-based detection and prevention services to block never-before-seen malware within seconds
    IOAV, which handles the detection of suspicious files from the Internet
  • Behaviour monitoring, which works with real-time protection to analyze and determine if active processes are behaving in a suspicious or malicious way and block them
  • The feature also prevents the deletion of security intelligence updates and the disabling of the entire antimalware solution.

The feature will be on by default and will roll out to all users with the Windows 10 April 2019 Update in the near future.

via WindowsTeam.com.br

More about the topics: tamper protection, Windows Defender

Leave a Reply

Your email address will not be published. Required fields are marked *