Tamper protection now available in Windows 10 Home and for organizations through Microsoft InTune

Windows Defender Security Center
Windows Defender Security Center (Image credit: Windows Central)

What you need to know

  • Tamper protection detects when an attempt is made to alter security settings.
  • Tamper protection is now available in Windows 10 Home and for organizations through Microsoft Intune.
  • The feature has been in testing through Insiders since earlier this year but is now generally available.

Hackers and attackers continually try to find new ways to get into computer systems. One tactic is to disable Windows Defender Antivirus. By disabling real-time protection, attackers can get into systems more easily. Microsoft is rolling out a new feature that helps prevent this, tamper protection. The feature detects and prevents unwanted changes to security settings on devices. It's now available in Windows 10 Home and available to organizations through Microsoft InTune.

In a techcommunity post, Microsoft breaks down how tamper protection works and what it aims to stop. The post lists five examples of what tamper protection accomplishes:

  1. Real-time protection, which is the core antimalware scanning feature of Microsoft Defender ATP next generation protection and should rarely, if ever, be disabled
  2. Cloud-delivered protection, which uses our cloud-based detection and prevention services to block never-before-seen malware within seconds
  3. IOAV (IE Downloads and Outlook Express Attachments initiated), which handles the detection of suspicious files from the Internet
  4. Behavior monitoring, which works with real-time protection to analyze and determine whether active processes are behaving in a suspicious or malicious way, and then blocks them
  5. Security intelligence updates, which Windows Defender Antivirus uses to detect the latest threats

For Windows 10 Home users, tamper protection will be turned on by default. The feature is being turned on gradually. Users can use the Windows Security app to review or change settings for tamper protection.

Organizations can deploy tamper protection through MIcrosoft Intune. Organizations can enable the feature for an entire organization or individual devices and user groups.

Sean Endicott
News Writer and apps editor

Sean Endicott brings nearly a decade of experience covering Microsoft and Windows news to Windows Central. He joined our team in 2017 as an app reviewer and now heads up our day-to-day news coverage. If you have a news tip or an app to review, hit him up at sean.endicott@futurenet.com.