When bad actors gain access to a system they often want to disable Microsoft Defender Antivirus, that way their malware and their suspicious activity are successful. There’s a feature available in Windows OS called tamper protection that prevents a bad actor or malicious application from disabling the Microsoft Defender Antivirus setting, including real-time protection and cloud-delivered protection.
Microsoft Defender for Endpoint will turn on tamper protection by default for all enterprise customers. If you are using a personal system that is not managed by an organization’s security team, you can manage tamper protection using the following steps.
Steps:
- In the search box on the taskbar, type Windows Security and then select Windows Security.
![](/wp-content/uploads/2023/01/Windows10-Tamper-protection-01.jpg)
2. In Windows Security, select Virus & threat protection and then under Virus & threat protection settings, select Manage settings.
![](/wp-content/uploads/2023/01/Windows10-Tamper-protection-02.jpg)
- Change the Tamper Protection setting to On.
![](/wp-content/uploads/2023/01/Windows10-Tamper-protection-03.jpg)
Use PowerShell to check Tamper Protection
-
- Open the PowerShell application.
- Enter the Get-MPComputerStatus PowerShell cmdlet.
- In the list of results, look for IsTamperProtection. If the value is true, then Tamper Protection is enabled.
![](/wp-content/uploads/2023/01/PowerShell_To_Check_Tamper_Protection.jpg)
0 Comments