Microsoft has just rolled out a new feature for its antivirus program, Microsoft Defender, which would make it even harder for malicious software to run rampant across a Windows operating system. The feature is called Tamper Protection and it does exactly what the name suggests – protects the program from being tampered with.
Sometimes, malware can turn off certain Microsoft Defender features in order to stay undetected. As of today, malware won't be able to disable antivirus and threat protection, disable real-time protection, turn off behaviour monitoring, disable cloud-delivered protection or prevent the program from installing new updates.
It will also make sure malware doesn't turn off different components.
Microsoft added that malware will also no longer be able to change security settings by modifying things in the Registry Editor or PowerShell cmdlets.
The feature is free to grab, and is available for both personal and business users. However, Microsoft added that Tamper Protection was built primarily with businesses in mind.
"When an administrator enables the policy in Microsoft Intune, the tamper protection policy is digitally signed in the backend before it's sent to endpoints," Microsoft says."The endpoint verifies the validity and intent, establishing that it is a signed package that only security operations personnel with Microsoft Intune admin rights can control."