When bad actors gain access to a system they often want to disable Microsoft Defender Antivirus, that way their malware and their suspicious activity are successful. There’s a feature available in Windows OS called tamper protection that prevents a bad actor or malicious application from disabling the Microsoft Defender Antivirus setting, including real-time protection and cloud-delivered protection.
Microsoft Defender for Endpoint will turn on tamper protection by default for all enterprise customers. If you are using a personal system that is not managed by an organization’s security team, you can manage tamper protection using the following steps.
Steps:
- In the search box on the taskbar, type Windows Security and then select Windows Security.
2. In Windows Security, select Virus & threat protection and then under Virus & threat protection settings, select Manage settings.
- Change the Tamper Protection setting to On.
Use PowerShell to check Tamper Protection
-
- Open the PowerShell application.
- Enter the Get-MPComputerStatus PowerShell cmdlet.
- In the list of results, look for IsTamperProtection. If the value is true, then Tamper Protection is enabled.
0 Comments