LandzDown Forum

Software & More => Web News => Topic started by: Corrine on October 14, 2019, 04:24:01 PM

Title: Microsoft Now Enables Windows 10 Tamper Protection By Default
Post by: Corrine on October 14, 2019, 04:24:01 PM
From Twitter:  Microsoft Security Intelligence on Twitter: "Tamper protection, a new feature that prevents malicious or unauthorized changes to security features, is now generally available for Microsoft Defender ATP customers and enabled by default for home users. Learn what this means and how you can deploy: https://t.co/rk0H3z7gUF https://t.co/PEqCOADVdP" / Twitter (https://twitter.com/MsftSecIntel/status/1183777065243267077)

Also see Microsoft Now Enables Windows 10 Tamper Protection By Default (https://www.bleepingcomputer.com/news/microsoft/microsoft-now-enables-windows-10-tamper-protection-by-default/):
Quote
With the Windows Defender becoming a reliable antivirus solution and further security enhancements being added to Windows 10, malware has increasingly made efforts to bypass it.

This is done by attempting to turn off or reduce the functionality of Windows Defender through PowerShell commands, group policies, or Registry modifications.

For example, over the past 4 months we have seen TrickBot, GootKit, and the Nodersok Trojans make a concerted effort to bypass Windows Defender in order to remain resident on an infected computer or to bypass its protections.

To enable Tamper Protection, go to Settings > Windows Security > Virus & Threat Protection and click "Manage Settings".  Scroll down to the "Tamper Protection" setting to enable.