Windows Defender now prevents itself from being disabled by malware

In December 2018, Microsoft introduced a feature in Windows Defender called “Tamper Protection” through the Windows Insider program. As its name implies, it is a function that prevents Defender from being tampered with by malware.

Microsoft has released functionality for the domestic versions of  Windows 10 in one of the latest builds released by Windows Insider this March, and it is enabled by default after installing the OS or after installing the update.

There is a category of viruses and malware that can make changes in critical areas of security applications, such as shutting down real-time protection and updating antivirus vaccines. Besides this action make the operating system completely vulnerable to the action of this malware, it is still defenseless against the action of other malicious software.

DoubleAgent is an example of malware that acts by modifying and neutralizing the security of the computer. It is able to shut down renowned antiviruses such as Avira, Avast, AVG, Bitdefender, Panda, Trend Micro, Comodo, ESET, Malwarebytes, McAfee, Norton, Kaspersky, and F-Secure. Pest of this type has also been discovered in Linux-based and MacOS-based systems.

Tamper Protection of the “new” Microsoft Defender Advanced Threat Protection also protects the app from turning off malware detection, prevents “zero-day” exploits, and prevents security updates from being deleted.

As a corporate-use feature, Tamper Protection should be managed by system administrators, who must keep it enabled and protected from disabling by ordinary users.

Although Microsoft has not made an official statement, it is possible that Tamper Protection will only be available in the stable version of Windows 10.

If you need help, have doubts or concerns, do not hesitate to leave a comment in the comment box below and we will try to help you as soon as possible!

Leave a Comment

Your email address will not be published.